We understand that Pods can contain highly sensitive commercial and client data. Security is embedded into every layer of the trumpet platform, from infrastructure and encryption to access controls and compliance processes.
π Legal Framework
Our Terms of Service and Privacy Policy can be viewed here.
These documents outline how we collect, process, and protect your data, and your rights as a customer.
π GDPR Compliance
trumpet is fully GDPR compliant and can be used in a GDPR compliant manner.
We operate with European data hosting, defined data processing practices, and documented security controls to ensure compliance with data protection regulations.
π‘οΈ SOC 2 Certification
trumpet is SOC 2 Type I and SOC 2 Type II certified. This certification validates that our systems and controls are independently audited and meet the Trust Services Criteria for security, availability, and confidentiality.
Our infrastructure providers are also SOC 2 compliant, including:
Amazon Web Services (AWS) in the Europe region
MongoDB Atlas in Ireland
π Encryption and Data Protection
All data is encrypted in transit using secure HTTPS and TLS protocols.
Data is encrypted at rest within our infrastructure. We implement strict access controls, monitoring, and secure authentication mechanisms to protect customer information at all times.
βοΈ Infrastructure and Shared Responsibility
Amazon Web Services provides the secure cloud foundation that trumpet is built on. AWS enables us to deploy and scale reliably while maintaining strong security controls.
Security follows a shared responsibility model:
trumpet protects your data in the cloud through application-level controls, access management, monitoring, and secure development practices.
AWS protects the underlying cloud infrastructure, including physical security of European data centres, environmental safeguards, site monitoring, and infrastructure resilience.
This layered approach ensures your data is protected both at the infrastructure level and within the application itself.
If you require further technical documentation or compliance evidence, please visit our Trust Centre.
Or contact your account manager or support team for assistance.