Trust Center
What we have in place, what’s coming, and how to verify.
Compliance posture
In place
GDPR-aligned
Data residency in EU on request. Privacy + cookie consent live.
In place
HIPAA-ready architecture
BAA available for healthcare engagements. Encryption at rest + in transit.
In progress
SOC2 Type II
Vanta-monitored. Audit window opens Q4 2026.
In place
Encryption
AES-256 at rest, TLS 1.3 in transit.
In place
NDA + DPA
Templates ready. 24-hour turnaround.
Planned
ISO 27001
Roadmapped for 2027.
How we handle data
Where is client data stored?▾
Default: AWS in your preferred region (US/EU/UAE). For HIPAA engagements, we use AWS regions that support HIPAA workloads.
Who has access on our side?▾
The lead engineer for your engagement and one senior team member. Access is logged and revoked on engagement end.
What happens at engagement end?▾
You receive: source code, infrastructure runbook, all documentation. We delete our copies within 30 days and provide a deletion certificate.
Can you sign our DPA / vendor questionnaire?▾
Yes. 48-hour turnaround on standard questionnaires. We have prefilled templates for HIPAA, GDPR, and SOC2-equivalent vendor reviews.
Do you support EU/US/UAE data residency?▾
Yes. Specify your residency requirement during discovery and we configure infrastructure accordingly.
For procurement teams
Vendor security pack with prefilled questionnaire responses. 48-hour turnaround.
Request the security packReal-time service status
status.skygnosis.com