Legal & compliance

Clear terms. Strong protections. Nothing buried in the fine print.

The agreements that govern trAPIoka, the privacy commitments we make to you and your users, and the security posture behind the platform — all in one place.

Documents

Our legal agreements

Documentread ↗
Terms of Service

The agreement that governs your access to and use of trAPIoka.

Documentread ↗
Privacy Policy

What personal data we collect, why, how we use it, and your rights.

Documentread ↗
Data Processing Addendum

How we process customer personal data as a processor on your behalf.

Documentread ↗
Acceptable Use Policy

What you may and may not do when using the service.

Compliance

How we protect your data

trAPIoka is built so that security and compliance are properties of the platform, not features bolted on afterward. Our controls are designed to align with widely recognised frameworks including SOC 2 and ISO/IEC 27001, and to support GDPR and CCPA obligations.

Encryption everywhere

Data is encrypted in transit (TLS) and at rest. Secrets and credentials are sealed in a dedicated vault and never stored in plaintext.

Least-privilege access

Role-based access control, workspace isolation, and per-service identities keep access scoped to exactly what each user and component needs.

Full auditability

Every administrative mutation is written to an immutable audit log, and request activity is observable end to end.

Data residency & retention

You control where your data lives and how long it is retained, with configurable retention windows and export.

Need a security questionnaire completed, a signed DPA, or details of our sub-processors and certifications? Reach out via our contact page and our team will help.