Epiphany
Security & Compliance

Enterprise-Grade Compliance

Built with security and compliance at the core. Meet the strictest regulatory requirements while maintaining the agility your team needs.

Certifications & Standards

Independently verified security and compliance certifications

SOC 2 Type II

Independently audited for security, availability, and confidentiality controls

Certified

GDPR Compliant

Full compliance with EU General Data Protection Regulation requirements

Compliant

HIPAA Ready

Healthcare data security and privacy safeguards for regulated workloads

Available

ISO 27001

International standard for information security management systems

In Progress

Security Architecture

Multi-layered security controls protecting your data at every level

Data Encryption

  • AES-256 encryption for data at rest
  • TLS 1.3 for data in transit
  • End-to-end encryption for sensitive workflows
  • Encrypted backups with separate key management

Access Controls

  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA)
  • Single Sign-On (SSO) with SAML 2.0
  • Granular permission management

Infrastructure Security

  • SOC 2 certified cloud infrastructure
  • Network isolation and segmentation
  • DDoS protection and WAF
  • Regular penetration testing

Monitoring & Audit

  • 24/7 security monitoring
  • Comprehensive audit logs
  • Real-time threat detection
  • Incident response procedures

Data Protection

Complete control over your data with industry-leading protection measures

Data Residency

Choose where your data is stored with regional data centers across North America, Europe, and Asia-Pacific.

Data Isolation

Your data is logically isolated from other customers with dedicated encryption keys and separate database instances.

Data Retention

Configure retention policies to automatically delete data after specified periods, ensuring compliance with your requirements.

Data Portability

Export your data in standard formats at any time. No vendor lock-in, you own your data.

Right to Deletion

Request deletion of your data at any time. We permanently remove data within 30 days of request.

Data Processing Agreement

Standard DPA available covering GDPR requirements for data processors and controllers.

Global Compliance

Supporting compliance frameworks worldwide

GDPR
European Union
CCPA
California, USA
PIPEDA
Canada
LGPD
Brazil
PDPA
Singapore
SOC 2
Global

Audit Reports & Documentation

Access our compliance documentation, security policies, and audit reports to support your due diligence process.

  • SOC 2 Type II Report
  • Security Whitepaper
  • Data Processing Agreement (DPA)
  • Penetration Test Results
Request Documentation

Report a Security Issue

If you discover a security vulnerability, please report it to our security team immediately.

Contact Security TeamView Privacy Policy