AccessIQ
Back to Home

Trust & Security

Security at AccessIQ

Security is at the core of everything we do. We implement industry-leading security practices to protect your data and ensure the integrity of our platform.

Enterprise-Grade Security

Protecting millions of identities worldwide

256-bit

AES Encryption

99.99%

Uptime SLA

24/7

Security Monitoring

SOC 2

Type II Certified

Security Practices

Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. We use industry-standard key management practices.

Infrastructure Security

Our infrastructure is hosted on SOC 2 Type II certified cloud providers with redundancy across multiple availability zones.

Access Controls

Strict access controls ensure only authorized personnel can access production systems. All access is logged and regularly audited.

Regular Audits

We conduct regular security assessments, penetration testing, and vulnerability scans by independent third parties.

Employee Security

All employees undergo background checks and security training. Access follows the principle of least privilege.

Incident Response

We maintain a comprehensive incident response plan with 24/7 monitoring and rapid response capabilities.

Certifications & Compliance

SOC 2 Type II

Certified

Certified for security, availability, and confaccessiqlity trust service criteria.

GDPR

Compliant

Compliant with EU General Data Protection Regulation requirements.

HIPAA

Ready

Ready for healthcare industry compliance with appropriate BAA agreements.

PCI-DSS

Compliant

Payment card industry data security standards compliant.

Data Protection

Data Centers

Our infrastructure is hosted in SOC 2 Type II certified data centers with physical security controls including biometric access, 24/7 surveillance, and environmental controls.

Data Isolation

Customer data is logically isolated using secure multi-tenant architecture. Enterprise customers can opt for dedicated infrastructure with additional isolation guarantees.

Backup and Recovery

We maintain regular backups with point-in-time recovery capabilities. Backups are encrypted and stored in geographically separate locations to ensure business continuity.

Data Retention

We retain data only as long as necessary to provide our services or as required by law. Upon account termination, customer data is securely deleted within 90 days.

Vulnerability Disclosure

We appreciate the security research community's efforts in helping us maintain the security of our platform. If you discover a security vulnerability, please report it responsibly.

Report a VulnerabilitySecurity Contact: security@accessiq.app

Security FAQ

Where is my data stored?

By default, data is stored in US-based data centers. Enterprise customers can choose from multiple regions including EU, US, and APAC to meet data residency requirements.

Do you offer a Data Processing Agreement (DPA)?

Yes, we provide a GDPR-compliant Data Processing Agreement to all customers. Contact us at legal@accessiq.app to request a DPA.

How do you handle security incidents?

We have a comprehensive incident response plan. In the event of a security incident affecting your data, we will notify you within 72 hours as required by GDPR and provide regular updates on remediation efforts.

Can I request a security assessment or audit?

Enterprise customers can request our SOC 2 Type II report, penetration test summaries, and other security documentation. We also support customer security questionnaires and assessments. Contact sales@accessiq.app for more information.

Have Security Questions?

Our security team is here to help. Contact us for security documentation, compliance questions, or to report a vulnerability.

Contact Security Team