Global Compliance
CodeTrust is committed to meeting the highest standards of data protection across all jurisdictions we operate in. Our platform is designed with privacy-by-design principles to ensure compliance with international regulations.
Our Certifications
SOC 2 Type II
Annual audit verifying security, availability, and confidentiality controls
ISO 27001
International standard for information security management systems
ISO 27701
Privacy information management system extension to ISO 27001
CSA STAR
Cloud Security Alliance certification for cloud service providers
Data Protection by Region
North America
PRIMARYCalifornia Consumer Privacy Act / California Privacy Rights Act
California's landmark privacy law grants consumers rights over their personal information and imposes obligations on businesses operating in the US.
Our Compliance Measures
- check_circleRight to know what data is collected
- check_circleRight to delete personal information
- check_circleRight to opt-out of data sale
- check_circleNon-discrimination for exercising rights
- check_circleService provider contractual requirements
Europe
UK General Data Protection Regulation
The UK's post-Brexit adaptation of the GDPR, maintaining the same high standards of data protection and individual rights.
Our Compliance Measures
- check_circleData minimization and purpose limitation
- check_circleRight to access, rectification, and erasure
- check_circleData Protection Impact Assessments (DPIA)
- check_circleBreach notification within 72 hours
- check_circleICO registration and compliance
South America
Lei Geral de Proteção de Dados
Brazil's comprehensive data protection law closely aligned with GDPR principles, governing the processing of personal data in Brazil.
Our Compliance Measures
- check_circleLawful bases for data processing
- check_circleData subject rights (access, correction, deletion)
- check_circleData Protection Officer (DPO) appointment
- check_circleInternational data transfer safeguards
- check_circleSecurity incident reporting to ANPD
Asia Pacific
Personal Information Protection Law
China's comprehensive data protection law establishing strict requirements for personal information processing and cross-border data transfers.
Our Compliance Measures
- check_circleConsent-based processing requirements
- check_circleData localization obligations
- check_circleSecurity assessments for cross-border transfers
- check_circlePersonal information protection impact assessments
- check_circleData subject rights enforcement
Data Privacy Act of 2012
The Philippines' data protection framework governing the processing of personal information in both government and private sector.
Our Compliance Measures
- check_circleNational Privacy Commission registration
- check_circleData subject consent requirements
- check_circleSecurity measures implementation
- check_circleBreach notification obligations
- check_circleData sharing agreements
Middle East
Personal Data Protection Law (Federal Decree-Law No. 45)
The UAE's federal data protection law establishing comprehensive requirements for personal data processing across the Emirates.
Our Compliance Measures
- check_circleLawful processing grounds
- check_circleData subject rights implementation
- check_circleCross-border transfer safeguards
- check_circleData Protection Officer requirements
- check_circleData breach notification procedures
Africa
Protection of Personal Information Act
South Africa's data protection law establishing conditions for lawful processing and protecting personal information.
Our Compliance Measures
- check_circleEight conditions for lawful processing
- check_circleInformation Officer registration
- check_circleData subject participation rights
- check_circleTransborder information flow restrictions
- check_circleSecurity safeguards implementation
Commitment to Compliance
Our legal and compliance team continuously monitors regulatory developments worldwide to ensure CodeTrust remains compliant with evolving data protection requirements. For specific compliance inquiries, contact compliance@codetrust.io