Regulatory Compliance
Built for Global Privacy Regulations
GDPR, CCPA, SOC 2, ISO 27001 compliance. Data residency options, retention controls, audit trails, and DPAs for enterprises with regulatory requirements.
Meet Global Privacy Requirements
IQIEX is designed for organizations operating across jurisdictions with varying privacy regulations
GDPR Compliance
Full compliance with EU General Data Protection Regulation—data residency in EU, right to erasure, data portability, and consent management.
CCPA Compliance
Meets California Consumer Privacy Act requirements—data disclosure, opt-out rights, and do-not-sell mechanisms.
Data Retention Controls
Set retention policies by data type and region—automated deletion or archival per your regulatory requirements.
Audit Trails & Logging
Every data access, export, and share logged with user attribution and timestamp—immutable logs for compliance review.
Data Residency Options
Choose where your data is stored—US, EU, UK, Canada, Australia—to meet local data sovereignty requirements.
Data Processing Agreements
Standard DPAs covering GDPR Article 28 requirements, sub-processor lists, and data transfer mechanisms.
Choose Where Your Data Lives
Select data residency by region to meet local data sovereignty requirements—competitive intelligence stored in your jurisdiction of choice.
🇪🇺 European Union
Hosted in Frankfurt, Germany (eu-central-1)
- • GDPR compliant
- • EU data residency
- • Standard Contractual Clauses
🇺🇸 United States
Hosted in Virginia (us-east-1)
- • CCPA compliant
- • US data residency
- • State-specific regulations
🇬🇧 United Kingdom
Hosted in London (eu-west-2)
- • UK GDPR compliant
- • UK data residency
- • International Data Transfer Addendum
Additional regions (Canada, Australia, Singapore) available on Enterprise plans
GDPR Rights & Data Subject Requests
Self-service and automated workflows for handling data subject access requests and privacy rights
Right to Access (GDPR Art. 15)
Export all personal data and processing records on request—via self-service dashboard or API.
Right to Erasure (GDPR Art. 17)
Delete all personal data on request—with audit trail and confirmation of deletion across all systems.
Data Portability (GDPR Art. 20)
Export data in machine-readable format (JSON, CSV)—transfer to another controller without hindrance.
Data Breach Notification
72-hour breach notification process per GDPR Article 33—with impact assessment and remediation plan.
Privacy by Design
Data minimization, purpose limitation, and security controls built into the platform—not added as an afterthought.
Sub-Processor Transparency
Published list of all sub-processors with notification of changes—customers can object per DPA terms.
Independently Audited Compliance
IQIEX maintains industry-standard compliance certifications with annual third-party audits
SOC 2 Type II
Annual audit of security, availability, confidentiality, processing integrity, and privacy controls—conducted by independent auditor.
- 12-month audit period
- Available under NDA
ISO 27001
International standard for information security management systems—comprehensive controls across people, process, and technology.
- Certification in progress
- Expected Q2 2025
GDPR Compliance
Full compliance with EU General Data Protection Regulation—data residency, right to erasure, data portability, and consent management.
- EU data residency available
- DPA available
CCPA Compliance
Meets California Consumer Privacy Act requirements—data disclosure, opt-out rights, and do-not-sell mechanisms.
- CPRA ready
- Do-not-sell support
Request Compliance Documentation
Get SOC 2 report, DPA templates, sub-processor lists, and compliance questionnaires for your procurement review.
ENTERPRISE-READY PLATFORM