Compliance Certifications — SOC 2 Type II, ISO 27001, PCI DSS, GDPR

SOC 2 Type II is an audit framework developed by the American Institute of CPAs (AICPA) that evaluates an organization’s controls over security, availability, processing integrity, confidentiality, and privacy. Cloudairy’s SOC 2 Type II report covers an extended observation period, demonstrating that our controls are not only designed effectively but also operate effectively over time. Available on Business and Enterprise plans.

ISO 27001 is the international standard for information security management systems (ISMS). Cloudairy’s ISO 27001 certification demonstrates that we have established, implemented, maintained, and continually improve a systematic approach to managing sensitive information. Available on the Enterprise plan.

PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that companies that process, store, or transmit payment card data maintain a secure environment. Cloudairy’s PCI DSS compliance ensures the highest standards of data protection for financial and payment-related information. Available on the Enterprise plan.

The General Data Protection Regulation (GDPR) is the European Union’s comprehensive data privacy regulation. Cloudairy is fully GDPR-compliant, ensuring that personal data of EU residents is processed lawfully, transparently, and securely. We support data subject requests, data portability, and the right to erasure. Available on all plans.

Enterprise customers can request SOC 2 reports, ISO 27001 certificates, PCI DSS attestations, and GDPR documentation by contacting [email protected] or through your account manager.