Trust Center

Security, compliance, and data protection are foundational to Hatchproof. Learn how we protect your information and maintain the highest standards of trust.

Compliance & Certifications

SOC 2 Type II

Certified

HIPAA

Assessment Ready

GDPR

Implemented

EU AI Act

In Progress

ISO 42001

Planned

NIST AI RMF

Aligned

Google

AI Partner

Security Overview

Data Encryption

AES-256 at rest, TLS 1.3 in transit. Industry-standard cryptographic protocols.

Infrastructure

Hosted on Google Cloud Platform, us-central1. Redundancy, HA, backups, DR.

Access Control

RBAC with least privilege. MFA enforced. SSO via SAML 2.0 & OpenID Connect.

Monitoring

24/7 real-time monitoring. Threat detection, intrusion prevention, incident response.

Subprocessors

Vendor	Purpose	Region
Google Cloud	Infrastructure	US
MongoDB Atlas	Database	US
OpenAI	AI/ML	US
Anthropic	AI/ML	US
Google Gemini	AI/ML	US
Linear	Project Mgmt	US
GitHub	Version Control	US
Cloud Build	CI/CD	US
Sentry	Error Monitoring	US
SendGrid	Email	US
Stripe	Payments	US

FAQ

All data is stored on GCP us-central1 with redundancy. AES-256 encryption at rest, TLS 1.3 in transit. Automated backups and disaster recovery in place.

Yes, SOC 2 Type II certified by Sensiba LLP. Contact security@hatchproof.com for a copy of our report.

HIPAA assessment-ready with controls implemented. Not yet a covered entity and do not handle PHI currently. Contact us for your compliance needs.

Primary: OpenAI. Also: Anthropic Claude, Google Gemini. Google Cloud AI Partner. Data not used for AI provider model training.

Email security@hatchproof.com with your requests. We provide SOC 2, HIPAA, GDPR, and other compliance documentation.