A
Acme
Security & compliance

How Acme protects your data

Everything your security team needs to review Acme — certifications, audited controls, documentation, and answers.

Last updated July 2026·Status

Certifications & frameworks

SOC 2 Type II
Compliant

Audited annually by Prescott Assurance.

ISO 27001
In progress

Stage 2 audit scheduled Q4 2026.

GDPR
Compliant

DPA with SCCs available. EU data residency on request.

HIPAA
Not applicable

Acme does not process PHI.

Documents

Public documents download instantly. Gated documents require email verification — NDA-gated ones add a one-click NDA.

Security whitepaper
Architecture, encryption, and operational security overview
PublicDemo
SOC 2 Type II report
Full audit report, period ending March 2026
NDA requiredDemo
Penetration test summary — 2026
Third-party pen test summary and remediation status
NDA requiredDemo
Data processing agreement
Standard DPA with EU SCCs
Email-verifiedDemo

Subprocessors

VendorPurposeRegion
Amazon Web ServicesCloud infrastructureUS
StripePayment processingUS
PostmarkTransactional emailUS

FAQ

At rest with AES-256, in transit with TLS 1.2+.