Compliance & Certifications

Our commitment to security standards and regulatory compliance

← Back to Home

Current Compliance Status

Transparency First: We believe in honest disclosure about our compliance status. Below is our current state and roadmap for certifications and regulatory compliance.
GDPR Compliance
Active

Full compliance with EU General Data Protection Regulation. Users have the right to access, correct, delete, and export their data.

CCPA Compliance
Active

California Consumer Privacy Act compliant. California residents have enhanced privacy rights and control over their data.

256-bit Encryption
Active

Industry-standard encryption for all files at rest. Data in transit protected with TLS 1.3.

SOC 2 Type II
Working toward

We operate to SOC 2 Type II controls internally and will engage a formal third-party audit when a customer engagement requires the report.

ISO 27001
Working toward

Same approach as SOC 2 — controls are operated to the standard internally; we pursue formal certification when our customer base requires it.

PCI DSS
Via Stripe

Payment processing handled by Stripe (PCI Level 1 certified). We never store or handle credit card data directly.

Our Approach to Certifications

We invest in security continuously and pursue formal certifications as our customer base requires them. The controls described on the Security page — encryption, access management, change management, monitoring, backups, incident response — are operated to SOC 2 Type II standards internally today.

If a SOC 2, ISO 27001, HIPAA, or other formal attestation is required for your purchase, reach out to compliance@sbvault.app and we will discuss scope, timeline, and current status.

Security Standards We Follow

Data Protection

Full technical details on the Security page.

Privacy Standards

Operational Security

Jurisdiction & Data Residency

Company Information:
Legal Entity: SBVault (SkillBreed LLC)
Incorporation: Oakland Park, Florida, United States
Data Location: United States (enterprise-grade US-based cloud data centers)
Governing Law: Florida state law and U.S. federal law

All data stored in SBVault is hosted on enterprise-grade cloud infrastructure located in the United States. Data is subject to U.S. jurisdiction and legal processes.

International Data Transfers

For users outside the United States, data is transferred to and processed in the U.S. We rely on the following safeguards:

Data Processing Addendum (DPA)

A Data Processing Addendum incorporating the EU Standard Contractual Clauses is available to business customers on request. Email compliance@sbvault.app with your company name and the address you'd like the executed copy returned to.

Subprocessors

The categories of subprocessors who process personal data on our behalf — cloud infrastructure, payment processing, AI model provider, antivirus/malware-scan provider, bot-protection provider, inbound and outbound mail providers — are listed on the Privacy page with each category's purpose and the data it receives. The specific named providers behind each category are maintained in our internal subprocessor record (GDPR Art. 30) and are available on request via compliance@sbvault.app — business customers can request the named list as an appendix to a signed Data Processing Addendum (DPA). Material changes are announced in the privacy policy and (for business customers under a DPA) by direct notice.

Third-Party Audits & Certifications

Current Status: SBVault has not yet completed a third-party security audit. Our internal controls are aligned with SOC 2 Type II — we will engage a formal audit when a customer engagement requires the report. Contact compliance@sbvault.app for the latest status.

Why This Matters

Third-party audits provide independent verification of our security practices. While we follow industry best practices, we acknowledge that independent certification is important for enterprise trust.

Our Infrastructure Partners

We rely on certified infrastructure and security providers:

Named providers behind each category are available on request via compliance@sbvault.app.

Compliance & Legal Inquiries

For any compliance, legal, security, or privacy-related questions, reach out to our team:

Email: support@sbvault.app
Company: SBVault · A SkillBreed LLC Company · Oakland Park, Florida, USA
Response Time: Within 72 hours

Last Updated: January 29, 2026