Security
Compliance Overview
This article outlines the principles and practices that underpin SysOS compliance. It is a general overview, not a certification claim for any specific framework.
Our approach
We build to widely accepted security and privacy principles: least privilege, encryption, auditability, and data minimization.
Audit trail
Sensitive actions are recorded so administrators can review who did what and when. Support actions by platform staff are flagged separately for transparency.
Data subject requests
- Requests to access, correct, or delete personal data are handled through your administrator.
- We respond within a lawful, reasonable timeframe.
Sub-processors
We use vetted infrastructure and service providers under contract and can disclose them on request.
Shared responsibility
| We are responsible for | You are responsible for |
|---|---|
| Platform security | Account security |
| Encryption and backups | Role assignment |
| Infrastructure compliance | Lawful use of your data |
Documentation
For policy detail, see the Privacy Policy, Data Processing and Retention, and Security and Encryption Overview articles.