Trust Center

Security & compliance resources

The documents your legal, security, and procurement teams need to evaluate Abundly. Most are available directly below; a few we share on request.

ISO 27001 CertifiedGDPR CompliantEU Data Residency

Documents & policies

Publicly available agreements and policies that govern how we handle your data.

Data Processing Agreement

GDPR-compliant DPA covering how we process customer data on your behalf, including sub-processor obligations.

Open document

Sub-processors

The current list of third-party processors that may process customer data on our behalf, with their role and region.

Open document

Privacy Policy

How we collect, use, and protect personal data across our products, websites, and services.

Open document

Cookie Policy

Details on the cookies and similar technologies we use on our websites, and how to control them.

Open document

Terms of Service

The contractual terms that govern your use of Abundly products and services.

Open document

Security Overview

Our complete security posture, multi-layer architecture, guardrails, governance controls, infrastructure, and compliance.

Open document

Available on request

Certificates, reports, and questionnaires we share with prospective and existing customers under NDA.

ISO 27001 certificate

Available on request

Our current ISO/IEC 27001 certification, showing scope, certifying body, and expiration. Provided under NDA.

Security questionnaire (CAIQ / SIG / custom)

Available on request

Completed responses to standard vendor security assessments, or your own questionnaire. Reach out with the format you need.

Need something else?

If you need our ISO 27001 certificate, a signed DPA, a completed security questionnaire, or any other compliance documentation, get in touch and we will send it over.

Contact our teamEmail support@abundly.ai

Looking for the full security picture? Read our security overview.

On the horizon

Items we are working towards or evaluating — not available to request today.

Penetration test report

Our first independent third-party penetration test is scheduled for H2 2026. We will share findings and remediation status with customers after that cycle completes.

SOC 2 Type II

SOC 2 Type II certification is now in progress. ISO 27001 remains our primary certification for European procurement; we will share the SOC 2 Type II report with customers once the audit cycle completes.