Legal
Trust center
Trust documentation prepared for auditors, customer due-diligence teams, and compliance reviewers. Every document is versioned and dated. A current sub-processor disclosure is provided to customers under the data processing terms of their agreement.
Documents
- Security posture — Encryption, tenant isolation, identity and signature integrity, audit logging, and compliance posture.
- Privacy policy — Global privacy policy with regional addenda (GDPR, CCPA, India DPDP).
- Data Processing Addendum (DPA) — Standard data processing terms covering GDPR Article 28 obligations.
- Acceptable Use Policy — Conduct prohibited on the platform. Referenced from the Terms of Service.
- Cookie policy — Cookies on the corporate site and on the platform.
- Service Level Agreement — Uptime, support response, and service-credit policy for paid tiers.
- Responsible Disclosure — Vulnerability reporting and safe harbor for good-faith research.
- Terms of Service — Master agreement covering the vumyo platform and the modules it includes.
- security.txt (RFC 9116) — Security contact, policy, and disclosure preferences.
- Operating standards — The published commitments the platform operates to.
Compliance posture
- GDPR-aligned. Data processing terms and data subject rights are documented.
- CCPA-aligned. The California addendum is included in the privacy policy.
- India DPDP-aligned. Identity-data handling, retention, and redaction obligations are integrated into platform behavior.
- SOC 2 Type II — readiness program in progress; independent auditor engagement scheduled.