Compliance & Standards

StableSSL is committed to maintaining the highest standards of regulatory compliance and data protection across all jurisdictions we serve.

GDPR Compliance
General Data Protection Regulation (EU)
  • Legal basis for data processing established
  • Right to access and data portability
  • Right to erasure ("right to be forgotten")
  • Data breach notification within 72 hours
  • Privacy by design and default
CCPA Compliance
California Consumer Privacy Act
  • Right to know what data is collected
  • Right to delete personal information
  • Right to opt-out of data sales (we don't sell data)
  • Non-discrimination for exercising rights
SOC 2 Type II
Service Organization Control
  • Security controls and monitoring
  • Availability and uptime guarantees
  • Processing integrity verification
  • Confidentiality measures
ISO 27001
Information Security Management
  • Information security policies
  • Risk assessment procedures
  • Security controls implementation
  • Continuous improvement processes
Data Protection Officer
Your privacy rights contact

For any questions regarding data protection, privacy, or to exercise your data rights, please contact us.

We respond to all requests within 30 days as required by law.

Subprocessors and Third Parties
Services we use to provide our platform

We work with carefully vetted third-party service providers:

ProviderPurposeData Location
StripePayment processingUnited States (PCI DSS certified)
Cloud InfrastructureApplication hostingAustralia
Email ServiceTransactional emailsUnited States

All subprocessors are bound by data processing agreements (DPAs) and meet our security requirements.

Industry Standards

Our security and development practices align with:

  • OWASP Top 10 security guidelines
  • NIST Cybersecurity Framework
  • CIS Controls for effective cyber defense
  • SANS Critical Security Controls
  • Cloud Security Alliance (CSA) best practices
Audit and Transparency

We maintain transparency through:

  • Regular penetration testing
  • Publicly available security and privacy policies
  • Transparent incident reporting
  • Customer-accessible compliance documentation
International Data Transfers

When transferring data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • Additional security measures for international transfers