Compliance

Enterprise Compliance

G8KEPR is built to help you meet the most stringent compliance requirements, from GDPR to SOC 2.

Compliance Standards We Support

GDPR

General Data Protection Regulation (EU)

  • Right to access and export data
  • Right to be forgotten (data deletion)
  • Data processing agreements
  • Privacy by design principles
  • Data breach notifications

SOC 2 Type II

Service Organization Control (In Progress)

  • Security controls and monitoring
  • Availability and uptime SLAs
  • Processing integrity validation
  • Confidentiality safeguards
  • Annual third-party audits

ISO 27001

Information Security Management (Aligned)

  • Information security policies
  • Risk assessment procedures
  • Access control mechanisms
  • Incident response plans
  • Business continuity planning

CCPA

California Consumer Privacy Act

  • Disclosure of data collection
  • Opt-out of data sales
  • Access to personal information
  • Data deletion requests
  • Non-discrimination rights

Tamper-Evident Audit Logging

Every API request is logged with tamper-evident SHA-256 hash chains for compliance audits:

Immutable Logs

Hash chains prevent log tampering

Complete Audit Trail

Track every API request and response

Compliance Ready

Export logs for SOC 2, GDPR audits

Long-Term Retention

Configurable retention up to 7 years

Data Processing Agreement (DPA)

For Enterprise customers, we provide a comprehensive Data Processing Agreement covering:

  • Data processing instructions
  • Security measures and controls
  • Sub-processor disclosures
  • Data breach notification procedures
  • International data transfers
  • Audit rights and compliance
Request DPA

Need Compliance Documentation?

Contact our compliance team for SOC 2 reports, security questionnaires, or DPAs.

Contact Compliance Team