Security & Compliance

Security is foundational to ELDOVISA. We treat customer data as if it were our own and operate to industry-leading standards.

Certifications

ELDOVISA is SOC 2 Type II certified, audited annually by a Big Four accounting firm. Our latest report is available under NDA — request it from security@eldovisa.com.

Encryption

All customer data is encrypted in transit using TLS 1.2+ with 256-bit cipher suites. Data at rest is encrypted with AES-256 using envelope-encryption keys managed by AWS KMS.

Infrastructure

ELDOVISA runs on AWS in the United States (us-east-1 and us-west-2) with multi-AZ redundancy. We maintain a 99.9% uptime SLA, with Enterprise customers eligible for 99.99%. Real-time status is available at status.eldovisa.com.

Application security

We perform annual third-party penetration tests, continuous dependency scanning, and automated SAST/DAST in our CI pipeline. All employee access requires SSO, hardware security keys, and is logged.

Privacy & data residency

Customer data stays in the United States by default. EU customers can request data residency in the EU on Enterprise plans. See our Privacy Policy and GDPR statement.

Responsible disclosure

Found a vulnerability? Email security@eldovisa.com. We acknowledge reports within 24 hours and reward valid findings.