Trust Center
One place for security, privacy, status, and compliance
Built for procurement teams + security reviewers. Sign a mutual NDA at legal@eegbase.com for the gated documents.
Threat model, vulnerability disclosure, incident SLA
- ✓SOC 2 · Coalfire audit planned Q3 2026 (vendor selection in progress)
- ✓Independent pen-test · planned Q3 2026 (vendor selection in progress)
- ✓AES-256-GCM at rest · TLS 1.3 in transit
- ✓Quarterly internal red-team
- ✓Bug bounty (planned future update)
How we handle PHI + personal data
- ✓HIPAA Business Associate Agreement available
- ✓GDPR-compliant · uses EU-approved cross-border data contracts
- ✓PHIPA-compliant · ca-central-1 region
- ✓30-day data deletion · 72h breach notification
- ✓Plausible (cookie-less) analytics only
Real-time platform health + incident history
- ✓99.95% rolling 90-day uptime
- ✓3 regions · us-east-1 · eu-west-3 · ca-central-1
- ✓RTO 15 min · RPO 5 min
- ✓P0 incident SLA · 15-min ack / 4h mitigation / 5-day RCA
- ✓Public status page subscribable
WCAG 2.2 AA conformance
- ✓Deque Systems audit scheduled Q3 2026
- ✓VPAT 2.4 to follow audit completion
- ✓Section 508 compliant
- ✓Full keyboard navigation
- ✓Screen-reader optimized · ARIA live regions
Compliance documents
GDPR DPA + EU SCCs
Module 2 (controller-to-processor)