ScalixScalix Docs
Sign up

Compliance

Security & compliance posture, audit export, and incident response

Security & Compliance Posture

Scalix Cloud's authoritative security and compliance statements — encryption, certification status (SOC 2 Type II and ISO 27001 are planned; no third-party certifications are held yet), GDPR/DPDP alignment, and data residency — are published and maintained on the Security page. That page is the single authoritative version, so this documentation does not restate it.

For the sub-processor list and data-processing terms, see the Data Processing Agreement and Privacy Policy.

Read the full security & compliance statement →

The rest of this page covers only the operational mechanics developers need.

Audit Export

Export audit logs for compliance reporting:

Audit logs can also be exported from the console, the REST API (/v1/compliance/audit/export), or the SDKs. CLI install: getting started.

bash
scalix-cloud compliance audit-export \
  --from "2026-01-01" \
  --to "2026-05-20" \
  --format json

Incident Response

Our incident response process:

  1. Detection and triage
  2. Customer notification for incidents affecting your data or availability
  3. Mitigation and resolution
  4. Post-incident review and report