Trust Center

ISO/IEC 27001:2022 certified and GDPR compliant. Audit reports, certifications, sub-processor lists, DPIA, and pentest summaries - all available on request, same business day.

Certifications & Compliance

Independently verified. Contractually enforced.

Certified

ISO/IEC 27001:2022

Independently audited information-security management system covering people, process, and technology. Surveillance audits annually; recertification every three years.

Certified

GDPR Compliant

Lawful-basis mapping, data-subject rights, processor obligations, and EU data-residency options. DPA available on request.

Need audit reports, DPIA, or the full sub-processor list?

Request documents
Our Commitments

Three promises we write down so we can’t weasel out of them.

We'll never train on your data.

Your chats, assets, files, and integrations are yours. We don't use them to train shared models. Period.

We'll never re-sell your data.

No data brokers. No partner ecosystem that syphons your customer list. Your Org context stays in your Org.

We'll tell you when something goes wrong.

Security incident affecting customer data → email within 24 hours, full write-up within 72. No spin, no delay.

Sub-processors

Third-party data handlers.

Opportune Technologies HR

Opportune Technologies HR

HR / People Operations

www.opportunehr.com
India
Vercel

Vercel

Hosting / Infrastructure

vercel.com
Singapore
Slack

Slack

Communications

slack.com
Global
Microsoft Entra (Azure AD)

Microsoft Entra (Azure AD)

Identity & Access

www.microsoft.com/en-in/security/business/microsoft-entra
Global
Mailchimp

Mailchimp

Email Marketing

mailchimp.com
Global
Google Cloud

Google Cloud

Cloud Infrastructure

cloud.google.com
Mumbai
Scrut Automation

Scrut Automation

Compliance Automation

app.scrut.io
India
GitHub

GitHub

Code / Version Control

github.com
Global
OpenAI

OpenAI

AI Infrastructure

openai.com
Global
Neon Tech

Neon Tech

Database

neon.com
Singapore
Stripe

Stripe

Payments

stripe.com
Global
Clerk

Clerk

Authentication

clerk.com
Global
Request Documents

Ask for what you need.

Fill in the form and we’ll respond the same business day. No NDAs required for standard documents.

FAQ

Common questions.

How quickly do you respond to trust center requests?

Same business day for standard requests (audit reports, sub-processor list, DPIA). Security questionnaires take up to 3 business days depending on length.

Where is customer data stored?

Primary data residency is in the EU (AWS eu-west-1). Enterprise plans can request US or APAC residency. All regions use AES-256 at rest and TLS 1.3 in transit.

Can we sign a Data Processing Agreement (DPA)?

Yes. A standard DPA is available to all paying customers. Enterprise customers can request a custom DPA. Email legal@strique.io or request it through this form.

Does Strique use my data to train AI models?

Never. Your data - including chats, assets, creative files, and integrations - is never used to train Strique's models or any third-party models. This is a contractual commitment, not just a policy.

What happens to my data when I cancel?

Your data is available for export for 30 days after cancellation, then permanently deleted from all systems including backups. You'll receive a deletion confirmation email.

Security team needs a deeper look?

Audit reports, pentest summaries, DPIA, sub-processor list, security questionnaire - same day.

Request documents