Security & Compliance

Platform Security

Pyze implements industry-standard security controls to protect customer data.

Data Protection

• Encryption in transit (TLS 1.2+)
• Encryption at rest (where applicable)
• Logical data isolation between customers

Access Control

• Role-based access control (RBAC)
• Least-privilege principles
• Secure authentication mechanisms

Monitoring & Logging

• System activity logging
• Monitoring for anomalous behavior
• Incident detection and response processes

Deployment Flexibility

Pyze supports multiple deployment models:

• Pyze-hosted SaaS environments
• Customer-managed environments on GCP

This allows customers to:

• Maintain full control over data residency
• Meet strict InfoSec and regulatory requirements

Data Processing Model

• Customers retain full control over their data
• Pyze operates as a data processor or subprocessor
• Data is processed solely to deliver the Services

Pyze does not sell or use customer data for advertising purposes.

The Pyze Data Processing Agreement is available here: Data Processing Addendum

Compliance Framework

Pyze aligns with industry-standard practices, including:

• GDPR (General Data Protection Regulation)
• SOC 2-aligned security practices

Subprocessors

Pyze uses trusted third-party providers for:

• Cloud infrastructure
• Monitoring and support

A current list of subprocessors is available here: Subprocessors

Incident Response

Pyze maintains incident response procedures to:

• Detect and respond to security incidents
• Notify customers in a timely manner
• Mitigate and remediate risks

Security Reviews

Pyze regularly:

• Reviews security controls and conducts SOC 2 audits
• Updates infrastructure and dependencies
• Performs internal assessments
• Conducts third-party penetration tests

Contact & Security Inquiries

For security or compliance questions:

security@pyze.com