Trust Center

Demurly is built with security at its core. Learn about our practices, compliance status, and commitment to protecting your data.

Security Practices

Encryption

All data encrypted at rest (AES-256) and in transit (TLS 1.3)

Access Controls

Row-level security with 142+ database policies ensuring data isolation

Infrastructure

Hosted on enterprise-grade cloud infrastructure (Vercel, Supabase)

Monitoring

24/7 automated monitoring with real-time alerting

Auditing

Comprehensive audit logs for all data access and modifications

Incident Response

Documented incident response plan with defined SLAs

Compliance Status

We take compliance seriously. Our platform is built to meet the highest security standards required by enterprise customers.

SOC 2 Type II

In Progress

Currently preparing for certification

Expected: Q2 2026

GDPR

Compliant

Full compliance with EU data protection regulations

CCPA

Compliant

California Consumer Privacy Act compliance

SOC 2 Readiness

20 of 22 controls implemented

91%

Overall Ready

Row-Level Security (142+ policies)
Encryption at rest (AES-256)
Encryption in transit (TLS 1.3)
Authentication system (MFA-ready)
Audit logging (event sourcing)
Input validation
Error handling
Secure headers (CSP, HSTS)
Dependency vulnerability scanning
TypeScript strict mode
Automated security testing

100% Codebase & Policy Compliance

All technical security controls and documentation are fully implemented

Loading platform health data...

Infrastructure & Vendors

Vercel

Application Hosting

SOC 2

Supabase

Database & Auth

SOC 2

Stripe

Payment Processing

SOC 2PCI DSS

Cloudflare

DDoS Protection & CDN

SOC 2

Request Security Documentation

Need detailed security documentation for your compliance review? We're happy to provide our security policies, incident response plan, and other documentation upon request.

Request DocumentationView Platform Health
Privacy PolicyTerms of ServiceCookie PolicyReport a Vulnerability
Trust Center | Demurly | Demurly