Trust Center
Transparency is at the core of how we operate. Learn about our security practices, compliance certifications, and data handling procedures.
Compliance & Certifications
SOC 2 Type II
Certified
November 2025
GDPR
Compliant
Ongoing
CCPA
Compliant
Ongoing
ISO 27001
In Progress
Q1 2026
Security Practices
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Database connections use SSL.
Role-based access control, multi-factor authentication, and principle of least privilege for all systems.
Hosted on SOC 2 compliant cloud providers with redundancy, automatic backups, and 99.99% uptime SLA.
Comprehensive audit logging, regular penetration testing, and annual third-party security assessments.
Background checks for all employees, mandatory security training, and strict confidentiality agreements.
24/7 security monitoring, documented incident response procedures, and breach notification within 72 hours.
Sub-processors
Third parties who process data on our behalf
| Provider | Purpose | Location |
|---|---|---|
| Amazon Web Services | Cloud infrastructure | USA/EU |
| OpenAI | AI model provider | USA |
| Stripe | Payment processing | USA |
| Flutterwave | Payment processing | Nigeria |
| Supabase | Database hosting | USA/EU |