Security & Compliance

Security you can trust

FillFaster helps you manage signatures and documents with independently audited security, GDPR-aligned privacy practices, and secure EU-based infrastructure.

Certifications & Audits

To give you independent assurance, our security and compliance controls are regularly reviewed by accredited third-party auditors.

SOC 2 Type II Certified

SOC 2 Type II

FillFaster has completed a SOC 2 Type II audit covering all five Trust Services Criteria: Security, Availability, Confidentiality, Processing Integrity, and Privacy. Our report is available to customers under NDA.

ISO 27001 Certified

ISO 27001:2022

FillFaster is ISO 27001:2022 certified, the leading international standard for managing information security. Our ISMS covers the people, processes, and technology that support our platform.

GDPR Compliant

GDPR Alignment

We align with the requirements of the EU General Data Protection Regulation when processing personal data. We act as a Data Processor, make a DPA available, and maintain measures to support data subject rights.

Infrastructure & Encryption

FillFaster runs on a modern, secure cloud stack designed to protect your data in transit and at rest.

Secure Hosting

Primary infrastructure is hosted on Google Cloud Platform (GCP) in EU regions, with additional edge and security services provided by Cloudflare.

Network Security

Network segmentation and firewall rules restrict access to production systems. Only approved services and ports are exposed following a least-privilege approach.

Encryption

All connections to FillFaster use TLS to encrypt data in transit. Data at rest is encrypted using industry-standard encryption mechanisms at the storage level.

Operations & Monitoring

We limit access to systems and monitor the health of the FillFaster platform continuously.

Access Control

Employee access to production environments is restricted based on business need. Strong authentication is enforced, and access rights are reviewed periodically.

Incident Response

Key components generate logs to detect anomalies. We maintain an internal incident response process for assessing, containing, and remediating security events.

Data Protection

We treat your data with care. Documents are retained according to your account configuration, and upon request, we can delete or anonymize personal data.

SOC 2 Type II report and ISO 27001 certificate available upon request via info@fillfaster.com.

If you believe you've found a potential security vulnerability in FillFaster, please email security@fillfaster.com with a description of the issue and steps to reproduce it. We ask that you do not publicly disclose potential issues until we've had an opportunity to investigate.