Trust Center

Security you can verify

We hold ourselves to the same standard we help you reach. Here is how Regwolf protects your data — our certifications, practices, subprocessors and policies, in one place.

All systems operational

ISO 27001

Information-security management certified to ISO/IEC 27001.

Certified

SOC 2 Type II

Independent audit of security, availability and confidentiality.

Report available

GDPR

EU data residency, DPA and Standard Contractual Clauses.

Compliant

NIS2 aligned

Our own program is built to the NIS2 risk-management measures.

In surveillance
How we protect your data

Security built into every layer

Encryption

Encrypted end to end

TLS 1.2+ in transit and AES-256 at rest for all customer data, with managed key rotation.

Access

Least privilege & MFA

Role-based access, enforced MFA and SSO, with quarterly access reviews and full audit logs.

Residency

EU data residency

Customer data is stored and processed in the EU, on infrastructure with strong physical security.

Resilience

Backup & recovery

Encrypted, regularly tested backups with defined RPO/RTO and a documented disaster-recovery plan.

Monitoring

24/7 monitoring

Continuous logging, anomaly detection and alerting across infrastructure and application layers.

Testing

Independent testing

Annual third-party penetration tests and continuous vulnerability scanning with tracked remediation.

Subprocessors

Who we work with

SubprocessorPurposeRegion
AWS (Europe)Cloud hosting & storageEU — Frankfurt / Ireland
CloudflareCDN, DNS & DDoS protectionGlobal edge (EU data)
PostmarkTransactional emailEU
PlausiblePrivacy-friendly analyticsEU — Germany
IntercomCustomer support messagingEU / adequacy + SCCs

We give customers prior notice of subprocessor changes with a right to object, per our DPA.

Policies & documents

Everything in one place

Security & compliance

Need our SOC 2 report or a security review?

Customers and prospects under NDA can request our SOC 2 Type II report, penetration-test summary and security questionnaire. Email security@regwolf.com or report a vulnerability to the same address.