Talk to Leadership

Trust · Compliance

The certifications, explained for procurement.

Every certification on this page is publicly attested and audit-ready. Customers can request the underlying reports directly through the SOC 2 report request page. We don't hide the certifications; we explain them.

Request the SOC 2 report

Procurement-grade trust documentation has a specific shape: clear architecture, explicit controls, named auditors, public sub-processors, and signed agreements. This page covers compliance posture.

The four dimensions

What's covered in Compliance posture.

Each row below names a dimension and what RedeApp publishes about it.

  • SOC 2 Type II

    Annual audit by CBIZ CPAs (Tampa, Florida). Most recent observation window: October 1, 2024 to December 31, 2025. Unqualified ('clean') opinion across security, availability, processing integrity, and confidentiality. CTO-signed bridge letter dated May 6, 2026 confirms no material changes to the control environment since the audit period. Report available under mutual NDA.

  • HIPAA

    Business Associate Agreement (BAA) available for healthcare customers. PHI encryption, audit trail compliance with §164.312. Customer-controlled retention. Audit-ready event stream.

  • GDPR + EU-US Data Privacy Framework

    Active EU-US DPF certification. GDPR data subject rights APIs. EU resident data residency options. Sub-processor list public and updated with 30-day change notification.

  • EU AI Act readiness

    Article 9 compliance for high-risk AI systems. Pre-deployment conformity assessment available. Customer-controlled grounding. Maker-checker controls on consequential AI actions.

Next step

Solve digital abandonment. Deploy the Frontline OS.

Your security review committee can reach our enterprise team for any clarification or specific controls inquiry.

Talk to leadership