Compliance
Security & compliance posture, audit export, and incident response
Security & Compliance Posture
Scalix Cloud's authoritative security and compliance statements — encryption, certification status (SOC 2 Type II and ISO 27001 are planned; no third-party certifications are held yet), GDPR/DPDP alignment, and data residency — are published and maintained on the Security page. That page is the single authoritative version, so this documentation does not restate it.
For the sub-processor list and data-processing terms, see the Data Processing Agreement and Privacy Policy.
Read the full security & compliance statement →
The rest of this page covers only the operational mechanics developers need.
Audit Export
Export audit logs for compliance reporting:
Audit logs can also be exported from the console, the REST API (
/v1/compliance/audit/export), or the SDKs. CLI install: getting started.
scalix-cloud compliance audit-export \
--from "2026-01-01" \
--to "2026-05-20" \
--format jsonIncident Response
Our incident response process:
- Detection and triage
- Customer notification for incidents affecting your data or availability
- Mitigation and resolution
- Post-incident review and report