Back to Home

Compliance & Certifications

Arvad.ai is committed to maintaining the highest standards of compliance with international regulations and industry frameworks.

We understand that compliance is critical for businesses operating in regulated industries. Our platform is designed to meet stringent compliance requirements, and we continuously work to achieve and maintain certifications that matter to our customers. Below you'll find detailed information about our current compliance status and roadmap.

Regulatory Compliance

GDPR Compliance

Fully Compliant

European Union

General Data Protection Regulation compliance for all EU users

  • Right to access personal data
  • Right to rectification and erasure
  • Data portability support
  • Privacy by design and default
  • Data processing agreements with all vendors
  • EU representative appointed

CCPA Compliance

Fully Compliant

California, USA

California Consumer Privacy Act compliance

  • Consumer rights notices
  • Do Not Sell My Personal Information option
  • Data deletion requests honored within 45 days
  • Detailed privacy policy disclosure
  • Opt-out mechanisms for data sales

SOC 2 Type II

In Progress

United States

Service Organization Control audit certification

  • Security controls audit
  • Availability assurance
  • Processing integrity verification
  • Confidentiality protection
  • Privacy safeguards
  • Annual recertification process

ISO 27001

Planned Q2 2026

International

Information Security Management System certification

  • Risk assessment and treatment
  • Information security policies
  • Asset management procedures
  • Access control mechanisms
  • Incident response planning
  • Business continuity management

HIPAA Readiness

Enterprise Plan

United States

Health Insurance Portability and Accountability Act compliance

  • Business Associate Agreements (BAA)
  • PHI encryption and access controls
  • Audit logging and monitoring
  • Breach notification procedures
  • Regular risk assessments
  • Workforce training programs

PCI DSS

Via Payment Processors

International

Payment Card Industry Data Security Standard

  • Secure payment processing via Stripe
  • No storage of card data
  • Encrypted payment transactions
  • Regular security scanning
  • Network segmentation
  • Quarterly compliance reviews

Security Frameworks

NIST Cybersecurity Framework

Comprehensive framework for managing cybersecurity risks

  • Identify: Asset management and risk assessment
  • Protect: Access control and data security
  • Detect: Continuous monitoring and detection
  • Respond: Incident response planning
  • Recover: Recovery planning and improvements

CIS Controls

Center for Internet Security critical security controls

  • Inventory and control of hardware assets
  • Continuous vulnerability management
  • Controlled use of administrative privileges
  • Secure configuration for hardware and software
  • Maintenance, monitoring, and analysis of audit logs

Data Residency Options

We offer data residency options to help you meet local data protection requirements. Choose where your data is stored and processed:

United States

Available
us-east-1 (Virginia)us-west-2 (Oregon)

European Union

Available
eu-west-1 (Ireland)eu-central-1 (Frankfurt)

Asia Pacific

Available
ap-southeast-1 (Singapore)ap-northeast-1 (Tokyo)

Canada

Coming Q1 2026
ca-central-1 (Montreal)

Audit & Reporting

Audit Logs

Comprehensive audit logging for all system activities:

  • User authentication and authorization events
  • Data access and modification tracking
  • API calls and system changes
  • 90-day retention with export capabilities

Compliance Reports

Enterprise customers can access detailed compliance reports:

  • SOC 2 Type II audit reports
  • Penetration testing results
  • Data processing agreements
  • Custom compliance documentation

Enterprise Compliance Support

Need additional compliance capabilities? Our Enterprise plan includes:

  • Custom compliance requirements
  • Dedicated compliance manager
  • Business Associate Agreements (BAA)
  • Custom data residency options
  • Extended audit log retention
  • Priority security support
Contact Sales

Compliance Questions?

Our compliance team is here to help answer your questions and provide the documentation you need.