Trust & Security
Security is foundational to everything we build. VIERCE is designed to protect your data, your users, and your business.
SOC 2 Type II
VIERCE is SOC 2 Type II certified. Our controls for security, availability, processing integrity, confidentiality, and privacy are audited annually by independent third-party auditors.
GDPR Compliance
We comply with the General Data Protection Regulation. Data processing agreements are available for all EU customers. Your data is stored in region with full rights to access, export, and delete.
Encryption at Rest & In Transit
All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Customer-managed encryption keys (CMEK) are available for enterprise plans.
Infrastructure Security
Our infrastructure runs on ISO 27001-certified data centers. Network segmentation, intrusion detection, and 24/7 security monitoring are standard across all deployments.
Access Control & IAM
Role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) via SAML 2.0 or OIDC. Audit logs track every action.
Vulnerability Management
Continuous vulnerability scanning, monthly penetration testing, and a responsible disclosure program. Critical vulnerabilities are patched within 24 hours.
Data Residency & Portability
Choose where your data lives — US, EU, or APAC regions. Import/export your data anytime via API or dashboard. No vendor lock-in.
Security Awareness
All VIERCE employees undergo annual security training, background checks, and sign confidentiality agreements. Security is part of our engineering culture.
Report a Vulnerability
We maintain a responsible disclosure program. If you find a security vulnerability in any VIERCE product or infrastructure, please report it immediately. We commit to acknowledging receipt within 24 hours and resolving critical issues within 7 days.