Trust Center

Security, privacy, and compliance are foundational to everything we build. Here you'll find all the information you need to trust Simply Asking with your data. Last updated: May 2, 2026

Compliance Status

CASA

Certified

SOC 2 Infrastructure

Infrastructure Partners

GDPR

Aligned

CCPA

Aligned

WCAG 2.1

AA Level

Security Highlights

Encryption

All data encrypted in transit (TLS 1.3) and at rest (AES-256) with managed key rotation.

Access Control

Role-based access with complete audit logging of all data access.

Infrastructure

Enterprise-grade cloud hosting with SOC 2 certified data centers and automatic failover.

Data Residency

Primary data centers in the United States. Data transfer mechanisms aligned with GDPR principles.

Policies & Documentation

Privacy Policy Terms of Service Security Policy Data Processing Subprocessors Data Retention Cookie Policy Acceptable Use Accessibility Bug Bounty DMCA Policy API Terms

Infrastructure Partners

Provider	Service	Certifications
Supabase	Database & Auth	SOC 2 Type II
Vercel	Frontend Hosting	SOC 2 Type II
Railway	Background Worker Hosting	SOC 2 Type II
OpenAI	AI Processing	SOC 2 Type II
Anthropic	AI Processing	SOC 2 Type II
Google	AI Processing	SOC 2, ISO 27001
LlamaParse	Document Extraction	SOC 2 Type II
Stripe	Payments	PCI DSS Level 1

See our full Subprocessor Registry for all third-party processors.

Questions About Security or Compliance?

Our team is ready to help with security assessments and compliance questions.

Security Team Legal Team

Was this helpful?