Trust Center

Transparency is the foundation of trust. Here you'll find everything you need to evaluate StoreHusk's security posture, compliance certifications, and data handling practices.

Compliance Certifications

We maintain the industry's most rigorous compliance certifications, independently audited and continuously monitored.

🛡️

SOC 2 Type II

Annual audit covering security, availability, processing integrity, confidentiality, and privacy trust service criteria.

✓ Current
🌐

ISO 27001

Certified information security management system with annual surveillance audits and triennial recertification.

✓ Current
🇪🇺

GDPR

Full compliance with EU data protection regulations. DPA available. EU representative appointed.

✓ Compliant
🏥

HIPAA

Business Associate Agreement available. Technical, administrative, and physical safeguards implemented.

✓ BAA Available
🏛️

FedRAMP

FedRAMP Moderate authorized for U.S. federal government agencies and contractors.

✓ Authorized
💳

PCI DSS

Level 1 service provider compliance for payment card data handling and processing.

✓ Level 1

Data Residency

Choose where your data lives. We operate data centers in multiple regions to meet your sovereignty requirements.

🇺🇸

North America

US-East, US-West, Canada

🇪🇺

Europe

Ireland, Germany, Netherlands

🌏

Asia-Pacific

Singapore, Tokyo, Sydney

🇬🇧

United Kingdom

London

Security Overview

A summary of our security architecture and operational practices.

Infrastructure Security

Multi-tenant architecture with strict isolation. All infrastructure runs on SOC 2 certified cloud providers with redundant availability zones. Network segmentation, WAF, and DDoS protection at every edge.

Application Security

Secure SDLC with mandatory code reviews, static analysis, and dynamic testing. Dependencies continuously scanned for vulnerabilities. Regular third-party penetration testing.

Operational Security

24/7 Security Operations Center with automated threat detection and response. All employee access requires MFA and is logged. Background checks for all personnel with data access.

Incident Response

Documented incident response plan with defined severity levels, escalation procedures, and communication protocols. Customers notified within 72 hours of confirmed data breaches.

Need compliance documentation?

Request our SOC 2 report, penetration test summary, or other security documentation under NDA.

Request documentation