Trust Center

SetAIComply runs on Railway (EU Amsterdam) for all application services including the frontend, API, PostgreSQL database, and Redis cache. Stripe handles payments, Resend delivers transactional email, and Anthropic powers AI generation. All customer data is stored and processed within the EU.

We offer a Data Processing Agreement on request. Download the template at DPA.

• Encryption at rest for all customer data
• TLS 1.2+ in transit for every connection
• Role-based access control and least-privilege internally
• Tamper-evident audit log across sensitive actions
• Documented incident response with 24h acknowledgement SLA
• Regular dependency updates and automated vulnerability scans

security@setaicomply.com · We respond within 24 hours.

Certifications status

Planned: ISO 27001 (target Q3 2026) and SOC 2 Type II (target Q4 2026). Neither is active yet — we only claim what we actually hold.

GDPR

SetAIComply is GDPR-native. Full details in our Privacy Policy.