Security & Compliance

Last updated: February 12, 2026

Introduction

Security and compliance are core pillars of FireReach. We are committed to maintaining the highest standards of data protection to ensure your information remains safe, private, and compliant with global regulations.

SOC 2 Compliance

FireReach is designed and built with SOC 2 compliance at its core.

• SOC 2 Type II: We are currently in the audit process for our SOC 2 Type II attestation. This certification verifies that our security controls, availability, and confidentiality measures meet rigorous industry standards.
• Continuous Monitoring: We employ continuous automated security monitoring of our infrastructure to detect and respond to threats in real-time.
• Infrastructure: Our platform leverages AWS and Vercel, both of which are SOC 2 Type II compliant providers.

GDPR Compliance

We are fully committed to complying with the General Data Protection Regulation (GDPR) for our users in the European Union and the UK.

• Data Rights: You have the right to access, rectify, or delete your personal data at any time. You can export your data directly from the dashboard or request permanent deletion by contacting support.
• Data Processing: We process data only for the purposes defined in our Terms of Service and Privacy Policy. We do not sell your personal data.
• Subprocessors: We maintain a strict list of vetted subprocessors (like OpenAI, Google, and MongoDB) who adhere to GDPR standards.
• Data Residency: We implement measures to ensure that international data transfers comply with applicable laws, utilizing standard contractual clauses where necessary.

Contact Us

If you have specific questions about our compliance posture or need to request a Data Processing Addendum (DPA), please contact our security team at security@firereach.ai.