Apployd
Get Started

Legal

Compliance Program

Security and privacy controls that support enterprise governance and regulatory obligations.

Status

Compliance posture

GDPR

Active

Data processing controls and user rights workflows are in place.

CCPA/CPRA

Active

Processes support access, deletion, and disclosure obligations.

SOC 2 Type II

In Progress

Control evidence collection and policy documentation are ongoing.

ISO 27001

In Progress

Security management framework mapping and control alignment are underway.

HIPAA

Not Supported

Apployd is not currently HIPAA-compliant and does not provide a default BAA.

Encryption in Transit

Active

TLS is enforced across dashboard, API, and service communications.

Encryption at Rest

Active

Platform data and secrets storage are protected with encryption controls.

Controls

Program control areas

Access Control

  • Role-based access control for organizations and projects.
  • Scoped permissions for owner, admin, developer, and viewer roles.
  • Auditable access-change history for governance reviews.

Operational Security

  • Runtime isolation with project-level network separation.
  • Deployment logs and event trails for incident investigations.
  • Continuous hardening of build and runtime workflows.

Data Governance

  • Defined retention boundaries for operational and billing records.
  • Policy-driven handling for privacy and legal requests.
  • Support for customer-controlled infrastructure ownership models.

Compliance documentation request

Contact our team for security questionnaires, policy details, and enterprise review workflows.

Privacy PolicyTerms and ConditionsContact Compliance