Security Standards & Data Protection
Our approach to compliance, privacy, and security. No overclaiming—just honest, transparent policies.
Legal Documents
Read our policies and agreements.
Our Approach to Compliance
What We Do
- Follow GDPR principles for data protection
- Encrypt data in transit and at rest
- Maintain audit logs for access tracking
- Provide DPAs for enterprise customers
- Process deletion requests within 30 days
What We Don't Claim
- We don't claim certifications we don't have
- We don't promise zero risk (no one can)
- We're honest about our current stage
We're working toward SOC 2 and ISO certifications. Contact us for our current security questionnaire.
Incident Response
What happens if something goes wrong.
- Notification to affected customers
- Monitoring for security events
- Root cause analysis + prevention
In case of a security incident, we investigate immediately, notify affected customers within 72 hours, and provide a post-incident report with steps taken to prevent recurrence.
Request a DPA
Need a signed Data Processing Agreement? We're happy to provide one.
Quick Answers
Is ppcopilot GDPR compliant?
We follow GDPR principles for data protection. See our privacy policy for details.
Do you have SOC 2 certification?
We are working toward security certifications. Contact us for our current security posture.
Can I get a signed DPA?
Yes. Email security@ppcopilot.com to request a Data Processing Agreement.
What happens if there is a security incident?
We notify affected customers within 72 hours and work to resolve and prevent recurrence.
Questions about compliance?
Contact our security team for security questionnaires, DPAs, or compliance questions.