Trust Center

Real-time transparency into our security, privacy, and operational practices.

System Status

✓ All Systems Operational

Operational

API Services

99.97% uptime (90 days)

Operational

Database

100% uptime (90 days)

Operational

Web Portal

99.99% uptime (90 days)

Operational

Analysis Engine

Avg: 4.2 min per scan

Live Status: Subscribe to updates at status.checkappsec.com for real-time incident notifications.

Performance Metrics

250ms

Average Response Time

API endpoints (95th percentile)

4.2min

Average Scan Time

Standard iOS application

<1hr

Incident Response

Critical security issues

Data Handling & Privacy

Data Residency

Primary Region: US-East-1 (N. Virginia)
Data Sovereignty: Customer choice for enterprise
Cross-Border Transfers: None (data stays in region)

Encryption

At Rest: AES-256 encryption (FIPS 140-2)
In Transit: TLS 1.3 with perfect forward secrecy
Key Management: AWS KMS with automatic rotation

Zero Retention Policy

All uploaded files and analysis results are automatically deleted after 2 hours. No backups, no archives, no permanent storage. Your proprietary applications never leave your control.

Third-Party Services & Subprocessors

We work with carefully vetted third-party services. All subprocessors maintain security certifications and comply with data protection regulations.

Amazon Web Services (AWS)

✓ SOC 2, ISO 27001

Infrastructure hosting, compute, database, and storage services

Data Processing Agreement: Available

OpenAI

✓ Zero Retention

AI-powered vulnerability analysis (GPT-4)

Data Processing Agreement: Zero retention policy active

Paddle

✓ PCI DSS Level 1

Payment processing and subscription management

We never store payment card information

Vercel

✓ SOC 2, ISO 27001

Frontend hosting and CDN delivery

Static content only, no user data processed

Download complete subprocessor list →

Privacy & Compliance

GDPR Compliant

EU General Data Protection Regulation

✓ Data minimization
✓ Right to erasure
✓ Privacy by design

CCPA Compliant

California Consumer Privacy Act

✓ No sale of data
✓ Right to delete
✓ Transparent practices

SOC 2 Type II

Service Organization Control

• In progress (Q2 2026)
• Independent audit
• Annual certification

Transparency & Reporting

Security Incidents

Data breaches (all time)

Last updated: February 28, 2026

Government Requests

Data requests received (2025)

Published annually

Questions About Our Trust & Security?

Our team is here to answer any questions about our security practices, compliance status, or data handling.

Last Updated: February 28, 2026

Back to Home

Trust Center

Real-time transparency into our security, privacy, and operational practices.

System Status

✓ All Systems Operational

Operational

API Services

99.97% uptime (90 days)

Operational

Database

100% uptime (90 days)

Operational

Web Portal

99.99% uptime (90 days)

Operational

Analysis Engine

Avg: 4.2 min per scan

Live Status: Subscribe to updates at status.checkappsec.com for real-time incident notifications.

Performance Metrics

250ms

Average Response Time

API endpoints (95th percentile)

4.2min

Average Scan Time

Standard iOS application

<1hr

Incident Response

Critical security issues

Data Handling & Privacy

Data Residency

Primary Region: US-East-1 (N. Virginia)
Data Sovereignty: Customer choice for enterprise
Cross-Border Transfers: None (data stays in region)

Encryption

At Rest: AES-256 encryption (FIPS 140-2)
In Transit: TLS 1.3 with perfect forward secrecy
Key Management: AWS KMS with automatic rotation

Zero Retention Policy

All uploaded files and analysis results are automatically deleted after 2 hours. No backups, no archives, no permanent storage. Your proprietary applications never leave your control.

Third-Party Services & Subprocessors

We work with carefully vetted third-party services. All subprocessors maintain security certifications and comply with data protection regulations.

Amazon Web Services (AWS)

✓ SOC 2, ISO 27001

Infrastructure hosting, compute, database, and storage services

Data Processing Agreement: Available

OpenAI

✓ Zero Retention

AI-powered vulnerability analysis (GPT-4)

Data Processing Agreement: Zero retention policy active

Paddle

✓ PCI DSS Level 1

Payment processing and subscription management

We never store payment card information

Vercel

✓ SOC 2, ISO 27001

Frontend hosting and CDN delivery

Static content only, no user data processed

Download complete subprocessor list →

Privacy & Compliance

GDPR Compliant

EU General Data Protection Regulation

✓ Data minimization
✓ Right to erasure
✓ Privacy by design

CCPA Compliant

California Consumer Privacy Act

✓ No sale of data
✓ Right to delete
✓ Transparent practices

SOC 2 Type II

Service Organization Control

• In progress (Q2 2026)
• Independent audit
• Annual certification

Transparency & Reporting

Security Incidents

Data breaches (all time)

Last updated: February 28, 2026

Government Requests

Data requests received (2025)

Published annually

Questions About Our Trust & Security?

Our team is here to answer any questions about our security practices, compliance status, or data handling.

Last Updated: February 28, 2026