Trust Center

Security is how we earn the loop.

Colabyr handles customer signal data with the controls demanded by the teams who hold us to the highest bar: security, legal, and procurement. This page is a single source of truth for those reviews.

ISO/IEC 27001:2022CertifiedSOC 2 and GDPR on the roadmap · HIPAA on requestFull framework status

Compliance

Certifications & frameworks.

Where we stand against the frameworks procurement teams ask about most.

ISO/IEC 27001:2022

Certified

A certified information security management system, independently audited and continuously maintained.

Request certificate

On the roadmap

SOC 2 Type II

Planned

Independent audit of our security, availability, and confidentiality controls.

GDPR

Planned

Alignment with EU data protection requirements, including Standard Contractual Clauses.

Data Processing Agreement

Planned

A pre-signed DPA with EU SCCs for customers processing EU or UK data.

HIPAA

On request

Safeguards for Protected Health Information on the enterprise tier.

Need a framework that isn't listed, or timelines on a specific certification? Talk to our team

Security

How customer data is protected.

The controls behind every signal we hold, from the wire to the data lifecycle.

Encryption

TLS 1.3 in transit and AES-256 at rest, with keys managed in AWS KMS.

Access controls

SSO via SAML 2.0, SCIM provisioning, role-based access, and IP allow-listing.

Infrastructure

Hosted on AWS with tenant data isolated at the storage layer and recoverable backups.

Data ownership

Export your data anytime. We never use customer data to train models, ours or anyone else’s.

Monitoring

Continuous monitoring and dependency scanning across our infrastructure.

Vulnerability disclosure

Independent penetration testing and a responsible disclosure program at [email protected].

Data residency

You pick the region. We never move it.

US-EAST

United States

us-east-1 (N. Virginia)

EU-WEST

European Union

eu-west-1 (Ireland) · GDPR-resident

AP-SOUTHEAST

Asia Pacific

ap-southeast-2 (Sydney) · Enterprise

Documentation

What you need for your review.

ISO 27001 certificate

Our current ISO/IEC 27001:2022 certificate and statement of applicability.

Request certificate

Privacy Policy

How we collect, use, and protect data across the platform.

Read policy

Terms of Service

The agreement that governs use of Colabyr.

Read terms

FAQ

Security questions, answered.

Is Colabyr ISO 27001 certified?

A certified information security management system, independently audited and continuously maintained.

How does Colabyr encrypt customer data?

TLS 1.3 in transit and AES-256 at rest, with keys managed in AWS KMS.

What access controls does Colabyr support?

SSO via SAML 2.0, SCIM provisioning, role-based access, and IP allow-listing.

Where is Colabyr hosted?

Hosted on AWS with tenant data isolated at the storage layer and recoverable backups.

Does Colabyr use my data to train AI models?

Export your data anytime. We never use customer data to train models, ours or anyone else’s.

Bring Colabyr to your team.

Contact sales View pricing