Your IT team will
approve of this.
SOC 2 Type II and ISO 27001 certified. SSO, encryption, and VAPT tested. Built for teams that stay secure and compliant.
Security that holds up to review.
Every control below is documented, auditable, and ready for your procurement team.
Independently audited and certified.
Multiple independent certifications verified by accredited third-party auditors. A documented policy library covering every aspect of our operations, continuously monitored and updated.
SOC 2 Type II
Independent audit of security, availability, and confidentiality controls. Type II covers sustained operational effectiveness over time, not a point-in-time snapshot.
ISO 27001
Certified Information Security Management System covering risk assessment, access controls, incident management, business continuity, and continuous improvement.
GDPR
Full GDPR compliance with Standard Contractual Clauses for international transfers. Data subject rights supported end-to-end. DPO contactable at privacy@trupeer.ai.
Security documents
Access documentation for your review. Some documents require identity verification.
Full compliance profile on TruDay
Policies, sub-processors, certifications, personnel
Frequently asked
Answers to the questions enterprise procurement and InfoSec teams ask most.
Not for shared models, ever. Trupeer does not use customer content to train or improve any shared foundation AI model, and our AI sub-processors (OpenAI, Google Gemini, ElevenLabs, HeyGen) are contractually bound to the same. The prohibition survives contract termination.
One exception: customer-scoped personalization. When you create a custom avatar or custom voice, the underlying provider fine-tunes a model using only the samples you explicitly provide, for your exclusive use. That fine-tune is isolated to your account, never serves another customer, and is deleted on request or on account termination. Opt-in only.
SOC 2 Type II and ISO 27001, independently audited. Full GDPR compliance with Standard Contractual Clauses for international transfers. Reports available under NDA via the request form.
Microsoft Azure (East US 2 primary). Encrypted at rest with AES-256 and in transit with TLS 1.3. Frontend on Vercel with a global CDN. Transient processing occurs on contracted AI sub-processors under no-training terms. Identity via Auth0/Okta. For specific data residency requirements, contact privacy@trupeer.ai.
Yes. Annual third-party penetration tests covering external infrastructure and the application layer. Summary reports available under NDA. Continuous vulnerability scanning in production.
30-day export period to retrieve your data, followed by 60-day deletion from all active systems, backups, and DR per NIST SP 800-88. Written deletion certification provided on request.
Yes. Enterprise SSO via Auth0/Okta with SAML 2.0. MFA enforced for all staff. Role-based access where applicable. Sessions via secure httpOnly cookies.
Yes. Documented BCP and DRP with defined RTO and RPO. Both tested annually via tabletop exercises. Geo-redundant backups. Results reviewed by leadership.
You do. All AI-generated output belongs entirely to the customer. Trupeer makes no IP claims on content created through the platform.
Yes. Background checks for all employees before system access. Security awareness training at onboarding and annually. All staff sign NDAs and confidentiality agreements.
Email privacy@trupeer.ai. We maintain a responsible disclosure policy and acknowledge receipt within 48 hours. We do not pursue legal action against good-faith security researchers.
Have security questions?
Our security team is ready to support your review process.
We respond within one business day.
Your IT team will
approve of this.
SOC 2 Type II and ISO 27001 certified. SSO, encryption, and VAPT tested. Built for teams that stay secure and compliant.
Security that holds up to review.
Every control below is documented, auditable, and ready for your procurement team.
Independently audited and certified.
Multiple independent certifications verified by accredited third-party auditors. A documented policy library covering every aspect of our operations, continuously monitored and updated.
SOC 2 Type II
Independent audit of security, availability, and confidentiality controls. Type II covers sustained operational effectiveness over time, not a point-in-time snapshot.
ISO 27001
Certified Information Security Management System covering risk assessment, access controls, incident management, business continuity, and continuous improvement.
GDPR
Full GDPR compliance with Standard Contractual Clauses for international transfers. Data subject rights supported end-to-end. DPO contactable at privacy@trupeer.ai.
Security documents
Access documentation for your review. Some documents require identity verification.
Full compliance profile on TruDay
Policies, sub-processors, certifications, personnel
Frequently asked
Answers to the questions enterprise procurement and InfoSec teams ask most.
Not for shared models, ever. Trupeer does not use customer content to train or improve any shared foundation AI model, and our AI sub-processors (OpenAI, Google Gemini, ElevenLabs, HeyGen) are contractually bound to the same. The prohibition survives contract termination.
One exception: customer-scoped personalization. When you create a custom avatar or custom voice, the underlying provider fine-tunes a model using only the samples you explicitly provide, for your exclusive use. That fine-tune is isolated to your account, never serves another customer, and is deleted on request or on account termination. Opt-in only.
SOC 2 Type II and ISO 27001, independently audited. Full GDPR compliance with Standard Contractual Clauses for international transfers. Reports available under NDA via the request form.
Microsoft Azure (East US 2 primary). Encrypted at rest with AES-256 and in transit with TLS 1.3. Frontend on Vercel with a global CDN. Transient processing occurs on contracted AI sub-processors under no-training terms. Identity via Auth0/Okta. For specific data residency requirements, contact privacy@trupeer.ai.
Yes. Annual third-party penetration tests covering external infrastructure and the application layer. Summary reports available under NDA. Continuous vulnerability scanning in production.
30-day export period to retrieve your data, followed by 60-day deletion from all active systems, backups, and DR per NIST SP 800-88. Written deletion certification provided on request.
Yes. Enterprise SSO via Auth0/Okta with SAML 2.0. MFA enforced for all staff. Role-based access where applicable. Sessions via secure httpOnly cookies.
Yes. Documented BCP and DRP with defined RTO and RPO. Both tested annually via tabletop exercises. Geo-redundant backups. Results reviewed by leadership.
You do. All AI-generated output belongs entirely to the customer. Trupeer makes no IP claims on content created through the platform.
Yes. Background checks for all employees before system access. Security awareness training at onboarding and annually. All staff sign NDAs and confidentiality agreements.
Email privacy@trupeer.ai. We maintain a responsible disclosure policy and acknowledge receipt within 48 hours. We do not pursue legal action against good-faith security researchers.
Have security questions?
Our security team is ready to support your review process.
We respond within one business day.
Create Professional Demo Videos & Docs in Minutes
© 2026 Trupeer Inc.
Create Professional Demo Videos & Docs in Minutes
© 2026 Trupeer Inc.
Create Professional Demo Videos & Docs in Minutes
© 2026 Trupeer Inc.