Security & Compliance
At Pyze, security and data protection are foundational to how we design, deploy, and operate our platform.
๐ Platform Security
Pyze implements industry-standard security controls to protect customer data:
Data Protection
-
Encryption in transit (TLS 1.2+)
-
Encryption at rest (where applicable)
-
Logical data isolation between customers
Access Control
-
Role-based access control (RBAC)
-
Least-privilege principles
-
Secure authentication mechanisms
Monitoring & Logging
-
System activity logging
-
Monitoring for anomalous behavior
-
Incident detection and response processes
โ๏ธ Deployment Flexibility
Pyze supports multiple deployment models:
-
Pyze-hosted SaaS environments
-
Customer-managed environments on GCP
This allows customers to:
-
Maintain full control over data residency
-
Meet strict InfoSec and regulatory requirements
๐ Data Processing Model
-
Customers retain full control over their data
-
Pyze operates as a data processor or subprocessor
-
Data is processed solely to deliver the Services
Pyze does not sell or use customer data for advertising purposes.
Pyze Data Processing Agreement is available here:
๐ https://www.pyze.com/dpa
๐งพ Compliance Framework
Pyze aligns with industry-standard practices, including:
-
GDPR (General Data Protection Regulation)
-
SOC 2-aligned security practices
๐งฉ Subprocessors
Pyze uses trusted third-party providers for:
-
Cloud infrastructure
-
Monitoring and support
A current list of subprocessors is available here:
๐ https://www.pyze.com/subprocessors
๐จ Incident Response
Pyze maintains incident response procedures to:
-
Detect and respond to security incidents
-
Notify customers in a timely manner
-
Mitigate and remediate risks
๐ Security Reviews
Pyze regularly:
-
Reviews security controls and conducts Soc2 audits
-
Updates infrastructure and dependencies
-
Performs internal assessments
- Conducts third party penetration tests
๐ฉ Contact & Security Inquiries
For security or compliance questions:
๐ง security@pyze.com