Compliance

DiluTracker adheres to the highest standards of compliance and regulatory requirements for financial services.

  • SOC 2 Type II: Audited annually
  • GDPR: EU compliance
  • CCPA: California compliance

Data Privacy Regulations

GDPR (General Data Protection Regulation)

Full compliance with EU data protection requirements including:

  • Right to access, rectification, and erasure
  • Data portability
  • Consent management
  • Data processing agreements
  • Breach notification (within 72 hours)

CCPA (California Consumer Privacy Act)

California resident privacy rights including:

  • Right to know what data is collected
  • Right to delete personal information
  • Right to opt-out of data sales
  • Non-discrimination for exercising rights

Industry Standards

SOC 2 Type II

Annual third-party audit covering security, availability, processing integrity, confidentiality, and privacy. Full reports available to Enterprise customers under NDA.

ISO 27001 (In Progress)

Currently pursuing ISO 27001 certification for information security management. Expected completion Q2 2025.

PCI DSS

Payment Card Industry Data Security Standard compliance through certified payment processors. We do not store credit card information.

Financial Services Compliance

DiluTracker is designed to support regulated financial institutions with compliance requirements:

  • Audit Trails: Comprehensive logging for regulatory examinations
  • Data Retention: Configurable retention policies to meet regulatory requirements
  • Access Controls: Role-based permissions and segregation of duties
  • Business Continuity: Disaster recovery and backup procedures
  • Vendor Risk Management: Documentation and attestations for due diligence

Subprocessors

We work with a limited set of trusted subprocessors. Enterprise customers can request the full list under NDA.

  • Cloud Infrastructure: Hosting and compute services (SOC 2, ISO 27001)
  • Payment Processing: Billing and subscriptions (PCI DSS Level 1)
  • Email Services: Transactional emails (SOC 2, GDPR)

Need Compliance Documentation?

We provide compliance documentation including SOC 2 reports, security questionnaires, and DPAs.