Compliance & Certifications

Weybre AI maintains the highest standards of compliance and security to protect your data and meet regulatory requirements.

Security Program

Weybre AI treats data protection as mission-critical. We align our security program with leading industry standards (SOC 2 Type II and ISO 27001) and apply the controls those standards require. While formal third-party certificates are in progress, we maintain comprehensive security protections today.

Independent audit reports and certificates will be published once obtained. For due diligence, request our security summary and operational controls documentation.

SOC 2 Type II

Controls aligned with security, availability, and confidentiality standards

ISO 27001

Information security management system (ISMS) controls implemented

GDPR & CCPA

Privacy principles followed with DPAs available on request

Compliance Standards

GDPR (General Data Protection Regulation)

We comply with all GDPR requirements including data subject rights, data processing agreements, and cross-border data transfer mechanisms.

CCPA (California Consumer Privacy Act)

We honor all CCPA rights including the right to know, delete, and opt-out of the sale of personal information.

HIPAA (Health Insurance Portability and Accountability Act)

For healthcare-related legal work, Business Associate Agreements (BAAs) are available on request for eligible customers.

Payment Security

All payment processing is handled through PCI DSS Level 1 certified payment processors.

Data Protection Measures

Encryption

AES-256 encryption at rest, TLS 1.3 in transit

Access Controls

Role-based access control (RBAC) and multi-factor authentication

Data Residency

Choose where your data is stored to meet local requirements

Audit Logs

Comprehensive logging of all data access and modifications

Data Backup

Automated daily backups with point-in-time recovery

Incident Response

24/7 security monitoring and incident response team

Available Documentation

We provide comprehensive documentation to support your due diligence and audit requirements:

  • Security summary and whitepaper
  • Data Processing Agreements (DPAs)
  • Business Associate Agreements (BAAs) for eligible customers
  • Security questionnaires and assessments
  • Penetration test summaries (available under NDA)
  • System architecture and data-flow overview

SOC 2 Type II reports and ISO 27001 certificates will be available once independent audits are completed.

Need compliance documentation?

Contact our compliance team to request reports and certificates.

Contact Compliance Team