β
Compliance & Certifications
SOC 2 Type II
GDPR Compliant
ISO 27001
PCI DSS Level 1
SOC 2 Type II Compliance
ARIA Oracle has achieved SOC 2 Type II certification, demonstrating our commitment to:
- Security: Protection against unauthorized access
- Availability: 99.99% uptime guarantee
- Processing Integrity: Accurate fraud detection processing
- Confidentiality: End-to-end encryption of sensitive data
- Privacy: GDPR-compliant data handling
Audit reports available upon request for enterprise customers.
GDPR Compliance
We are fully compliant with the EU General Data Protection Regulation:
- Data minimization: We collect only essential transaction data
- Right to erasure: Users can request data deletion
- Data portability: Export your data in JSON format
- Breach notification: 72-hour notification for any incidents
- Data Processing Agreements (DPA) available
PCI DSS Level 1
As a Level 1 PCI DSS compliant service provider, we:
- Never store full credit card numbers or CVV codes
- Use tokenization for all payment data
- Conduct quarterly vulnerability scans
- Maintain strict access controls and logging
ISO 27001 Certification
Our information security management system (ISMS) is certified to ISO 27001 standards, ensuring:
- Risk assessment and management processes
- Regular security audits and penetration testing
- Incident response and business continuity plans
- Employee security training and awareness
Data Residency
We offer data residency options in the following regions:
- πΊπΈ United States (AWS us-east-1)
- πͺπΊ European Union (AWS eu-west-1, Frankfurt)
- π¬π§ United Kingdom (AWS eu-west-2, London)
- π¦πΊ Australia (AWS ap-southeast-2, Sydney)
Cryptographic Standards
All cryptographic proofs use industry-standard algorithms:
- Encryption: AES-256-GCM for data at rest
- Transport: TLS 1.3 for data in transit
- Hashing: SHA-256 for proof generation
- Blockchain: Ethereum mainnet for anchoring
Audit & Verification
Every fraud decision includes a cryptographic proof that can be independently verified on the blockchain. This provides:
- Immutable audit trail for regulators
- Tamper-proof evidence for disputes
- Public verifiability without exposing sensitive data
Questions?
For compliance inquiries or to request audit reports, contact: compliance@ariaoracle.com
β Back to Home