Enterprise-Grade Security & Compliance

Everything you need to pass corporate security reviews and audit requirements.

GDPR
Compliant
CCPA
Compliant
SOC 2
Roadmap

Enterprise-Grade Security. Out of the Box.

GDPR & CCPA compliant. SOC 2 on our certification roadmap. Multi-region redundancy. Your data stays yours.

GDPRCCPASOC 2 Roadmap

Certifications & Standards

GDPR

EU Data Protection

Data residency, consent, data subject rights. Supported via jurisdiction pinning.

CCPA

California Consumer Privacy

Equivalent US regulation. Supported via data handling policies.

SOC 2 Type II

Certification Roadmap

Planned third-party audit covering security, availability, and confidentiality controls. On our certification roadmap.

Inherited Enterprise Certifications

Our infrastructure provider, Cloudflare, holds these certifications. As a Phleid customer, you inherit these protections automatically.

Your Data Stays Where It Belongs

EU

GDPR (European Union)

  • EU customer data stored exclusively in EU data centers
  • Powered by Cloudflare D1 with jurisdiction: eu constraint
  • Automatic read replicas within EU only (WEUR, EEUR)
  • No data transfers outside EU
  • Compliant with GDPR Articles 32 (Security), 44 (International Transfers)
US

CCPA (California, USA)

  • US customer data stored in US and North American data centers
  • Consumer rights: Access, Delete, Opt-Out
  • Compliant with CCPA consumer rights requirements
  • Phleid acts as Service Provider per CCPA terms

Data Retention & Deletion

Default Retention
30 days (configurable per contract)
Data Deletion
Available on-demand via dashboard
Backups
30-day time travel (point-in-time recovery)

Enterprise Infrastructure Built for Scale

Multi-Region Redundancy

Architecture3 primary DBs (US, EU, APAC)
Replication Lag30-75ms
FailoverAutomatic
SLA99.99%
DDoS ProtectionUnlimited
Recovery30-day time travel

Encryption & Access Control

Data at RestAES-256
Data in TransitTLS 1.3 (min)
API AccessOAuth 2.0 via Auth0
Network AccessZero Trust
Audit LogsEnterprise tier

Performance

LatencyNearest replica
EU Requests~5-10ms internal
US Requests~30-45ms internal
ConsistencySessions API

What You Get

Data Processing Addendum (DPA)
Available on request
Business Associate Agreement (BAA)
Available for healthcare
Vendor Security Questionnaire Response
Available pre-filled template
GDPR Compliance Statement
Available downloadable
CCPA Compliance Statement
Available downloadable
Incident Response SLA
Available Enterprise plan
Uptime SLA (99.99%)
Available Enterprise plan

Answering Your Security Checklist

Staying Ahead of Regulations

SOC 3
Early 2026
Proposed
HIPAA support
2026
Planned
UK GDPR
Current
Same as EU
Canada PIPEDA
2026
In Progress
Australia Privacy Act
2026
Planned

Ready for Enterprise?

Questions about compliance, security, or contracts? Our security team is ready to help you pass your audit.

compliance@phleid.com

Built on Cloudflare|GDPR Compliant • CCPA Compliant • SOC 2 Roadmap