Security, Privacy & Compliance

    Everything you need to evaluate Inbound Labs from a security, privacy, and compliance perspective. No gatekeeping. It's all here.

    ✓ GDPR Compliant✓ SOC 2 Ready✓ CCPA Compliant
    🇪🇺

    GDPR Compliance

    Full GDPR compliance under Article 6(1)(f) legitimate interest for B2B data. Data Processing Agreements available to all paid customers. EU-region data storage by default.

    Download DPA Template →
    🇺🇸

    CCPA Compliance

    California Consumer Privacy Act compliant. Data subject requests honored within 30 days. Do-not-sell and do-not-share registries maintained and updated daily.

    View CCPA Policy →
    🔒

    Data Security

    All data encrypted at rest (AES-256) and in transit (TLS 1.3). Penetration testing conducted annually. SOC 2 Type II audit in progress.

    Security Overview →
    📄

    Sub-Processors

    Full list of sub-processors disclosed. All contractually bound to equivalent data protection standards. Updated with 30 days notice when changes occur.

    View Sub-processors →
    👤

    Data Subject Rights

    We honor access, deletion, correction, and portability requests. Submit via our opt-out portal. Processed within 30 days. Enterprise customers get a dedicated privacy contact.

    Opt-Out Portal →
    🤝

    Enterprise DPA

    Enterprise customers can negotiate custom Data Processing Agreements. We support SCCs and custom addenda. Legal review support included.

    Contact Legal Team →

    Built secure from the ground up

    AES-256 encryption at rest
    TLS 1.3 encryption in transit
    Annual third-party penetration testing
    Role-based access controls (RBAC)
    Multi-factor authentication enforced
    SOC 2 Type II audit in progress
    99.9% uptime SLA (Enterprise)
    Automated vulnerability scanning
    No data sold to third parties, ever
    Right to erasure honored within 30 days
    EU data residency available
    Breach notification within 72 hours

    Questions about compliance? Talk to our team.