Compliable
Skip to main content
Security & Compliance

Trust Center

Your security is our priority. Learn about how we protect your data and maintain the highest standards of security and compliance.

VIEW CERTIFICATIONSDOWNLOAD DOCS

99.99%

Uptime SLA

24/7

Security Monitoring

0

Data Breaches

500K+

Websites Trust Us

Certifications & compliance

We maintain rigorous certifications and compliance standards to protect your data.

Certified

SOC 2 Type II

Annual audit verifying our security, availability, and confidentiality controls.

Certified

ISO 27001

International standard for information security management systems.

Compliant

GDPR Compliant

Full compliance with EU General Data Protection Regulation requirements.

Compliant

CCPA Compliant

Compliance with California Consumer Privacy Act for data protection.

Security features

Enterprise-grade security built into every layer of our platform.

Encryption at Rest & Transit

All data is encrypted using AES-256 at rest and TLS 1.3 in transit.

Secure Infrastructure

Hosted on AWS with multi-region redundancy and automatic failover.

Access Controls

Role-based access control, MFA enforcement, and audit logging.

Penetration Testing

Regular third-party penetration testing and vulnerability assessments.

24/7 Monitoring

Continuous security monitoring with real-time threat detection.

Incident Response

Documented incident response plan with 24-hour notification SLA.

Privacy principles

Our commitment to protecting your privacy.

Data Minimization

We only collect data that is necessary to provide our services.

Transparency

Clear documentation of what data we collect, how we use it, and who has access.

User Control

Users can access, export, or delete their data at any time.

No Data Selling

We never sell user data to third parties. Ever.

Security documents

Download our security documentation and legal agreements.

Security Whitepaper

Detailed overview of our security architecture and practices.

PDF

2.4 MB

Privacy Policy

How we collect, use, and protect your personal information.

Web

Terms of Service

Legal agreement governing use of Compliable services.

Web

Data Processing Agreement

GDPR-compliant DPA for enterprise customers.

PDF

1.1 MB

SOC 2 Report Summary

Executive summary of our latest SOC 2 Type II audit.

PDF

850 KB

Subprocessor List

Current list of third-party subprocessors we use.

PDF

320 KB

Security FAQ

How does Compliable protect my website data?
We use industry-leading security practices including AES-256 encryption at rest, TLS 1.3 for data in transit, and strict access controls. Your website data is processed in secure, SOC 2 certified environments and is never shared with third parties.
Does Compliable store sensitive user data?
No. Compliable does not store personal information about your website visitors. Our accessibility tools process data in real-time without persistent storage of end-user information.
Is Compliable GDPR compliant?
Yes. We are fully GDPR compliant. We offer Data Processing Agreements (DPAs), support data subject rights requests, and maintain appropriate technical and organizational measures as required by the regulation.
Can I get a copy of your SOC 2 report?
Yes. Enterprise customers can request a copy of our full SOC 2 Type II report under NDA. Please contact our sales team to initiate the request.
What happens if there's a security incident?
We have a documented incident response plan and will notify affected customers within 24 hours of confirming a security incident. We maintain a dedicated security team that monitors our systems 24/7.

Enterprise security requirements?

Our enterprise team can provide custom security questionnaire responses, SOC 2 reports under NDA, and dedicated security review calls.

CONTACT ENTERPRISE SALES

Our commitment to your trust

Security isn't just a feature—it's foundational to everything we do. We're committed to transparency about our practices and continuous improvement of our security posture. Your trust is earned, not given, and we work every day to deserve it.

Found a vulnerability?

We take security seriously and appreciate responsible disclosure. If you've found a security vulnerability, please report it to our security team.

REPORT TO SECURITY TEAM