Encryption
TLS 1.3 in transit, AES-256 at rest.
Certifications · Trust Center | TrackLayer
Trust Center
Certifications
Maps how independent assurance lines up with the regulations your counsel cares about.
Latest updates
SOC 2 Type II: In progress — request the current status letter or report packet under NDA. ISO 27001 certification work continues in parallel with annual penetration tests.
§ 01
Badges & scope
Badges summarise posture; procurement should rely on executed reports and contractual terms.
§ 02
Compliance matrix
Certification and regulation mapping with indicative status — confirm with your diligence packet.
| Certification / control | Regulation / framework | Current status | Evidence |
|---|---|---|---|
| SOC 2 Type II | AICPA Trust Services Criteria | In progress | Audit program underway; report packet under NDA when available |
| ISO 27001 | ISO/IEC 27001:2022 | In progress | ISMS scope + stage findings (under NDA) |
| HIPAA Security Rule | 45 CFR Part 160/164 | In progress | Aligned — BAA roadmap; subprocessors under review |
| GDPR | EU 2016/679 | In progress | DPA, ROPA excerpts, DSR runbooks |
| CCPA / CPRA | California Civil Code §1798 | In progress | Privacy notice + opt-out flow documentation |
§ 03
Control themes
Aligned with the security overview at /security — reuse for questionnaires.
Access control
SSO + 2FA, role-based access, and audit logging.
Network
VPC isolation, WAF, and DDoS protection.
Monitoring
24/7 SOC, anomaly detection, and incident response under 15 minutes.
Data residency
EU, US, and APAC regions with geo-aware routing.
Backup + DR
Hourly snapshots, 30-day retention, RTO under 4h, and RPO under 15min.
Code security
SAST, DAST, and SCA in CI with dependency review.
Vendor management
Sub-processors reviewed and audited annually.