Compliance

NRB IT Guidelines

ISO 27001In progress

GDPR-aligned

SOC 2 (roadmap)In progress

ISO 42001In progress
Nepal DPA
Resources
View allCompliance Reports
SAGEA ISO/IEC 27001:2022
SAGEA SOC 2 Type I
Helios VAPT
Helios ISO/IEC 27001:2022
Other documents
Incident Reports
No incident reports yet
Controls
View all ControlsInfrastructure securityView 7 more Infrastructure security controls
Encryption key access restricted
Unique account authentication enforced
Production database access restricted
Organizational securityView 5 more Organizational security controls
Portable media encrypted
Anti-malware technology utilized
Employee reference checks performed
Product securityView 2 more Product security controls
Data encryption utilized
Control self-assessments conducted
Penetration testing performed
Internal security proceduresView 17 more Internal security procedures controls
Vendor risk assessments conducted
SOC 2 - System Description
Whistleblower policy established
Data and privacy
Customer data deleted upon leaving
Subprocessors
View all SubprocessorsDigitalOcean•Cloud Infrastructure
United States, Singapore, Germany
Cloudflare•CDN & Security
Global network
Resend•Email Delivery
United States
PostHog•Product Analytics
United States
Updates
View all UpdatesSubprocessors
Addition of Discord as subprocessor
Published March 8, 2026
Read more about Addition of Discord as subprocessorSubprocessors
Addition of PostHog as subprocessor
Published February 28, 2026
Read more about Addition of PostHog as subprocessorGeneral
SAGEA Trust Center Launch
Published February 12, 2026
Read more about SAGEA Trust Center Launch
