Security & trust

Enterprise-grade security for B2B customer data.

ISO 27001 certified. GDPR compliant. Data hosted in AWS Paris (EU). Built from day one for the security posture B2B customers expect.

ISO 27001 Certified

Independently audited. Certificate available on request.

GDPR Compliant

DPA available. Sub-processors documented.

EU Data Residency

AWS Paris (eu-west-3). Your data never leaves the EU.

How we protect your data

Security by default, not by tier.

Every account, every plan, every customer — the same security posture. Not an Enterprise-tier upsell.

Encryption in transit and at rest

TLS 1.3 for all connections. AES-256 encryption at rest. Database-level encryption for sensitive fields. Backups encrypted with rotating keys.

SSO & access control

SAML 2.0 and OIDC SSO on Scale and above. Role-based access control, IP allowlisting, and granular permission scopes. Audit trail on every administrative action.

EU data residency

Default residency in AWS Paris (eu-west-3). Data never leaves the EU unless you explicitly opt in. US and UK residency available on Enterprise and Custom plans.

ISO 27001 Certified

Certified by an accredited body. Annual surveillance audits. Full information security management system covering customer data handling end to end.

GDPR by design

Vockam SAS is the data controller. Sub-processors documented and audited. Data subject access requests handled within statutory deadlines. DPA available with e-signature.

Backups & availability

Continuous automated backups. Geographically distributed copies. AWS-managed high availability infrastructure with multi-AZ configuration.