Compliance

Stytch is committed to trust and transparency. As such, we have a publicly available status site where you can see the current status of our services, review past incidents, and subscribe to updates.

Stytch is compliant with a range of industry standards and frameworks and can assist with your own security and regulatory needs:

  • SOC 2 Trust Service Criteria - Stytch maintains a SOC 2 Type II report attesting to the company’s compliance with the AICPA’s Trust Service Criteria for Security, Availability, and Confidentiality.

  • ISO 27001 - Stytch maintains certification for the management and operation of an information security management system in conformance with the ISO 27001 standard.

  • HIPAA - Stytch is compliant with the Health Insurance Portability and Accountability Act as a business associate.

  • GDPR & CCPA - Stytch complies with and is committed to helping customers comply with the General Data Protection Regulation (EU 2016/679 GDPR) and California Consumer Privacy Act / California Privacy Rights Act (CCPA / CPRA). We’ve made enhancements to our services, processes, and contractual documents in order to help our customers meet their GDPR and CCPA compliance requirements.

  • PCI - Stytch supports companies requiring PCI compliance for their vendors. Additionally, Stytch services can support companies with their own PCI requirements.

  • PSD2 - Stytch services can help you meet PSD2 and strong customer authentication requirements.