Trust Center
Trust Center
We're early in our compliance journey and committed to building it the right way. We'll publish SOC 2 reports and detailed security documentation as they become available.
SOC 2
We are working toward SOC 2 Type I certification. We will publish the report on this page when it is issued — until then, we can share our current control posture and roadmap under NDA.
Security
- Tenant isolation and role-based access for employer accounts.
- Encryption in transit and at rest for sensitive data.
- SAML/OIDC single sign-on and SCIM user provisioning.
- Audit logging for administrative actions.
Fraud & abuse
PerkPirate uses merchant category controls, spend limits, and transaction monitoring to protect employer funds. Employees receive clear decline messages when spend falls outside program rules.
Subprocessors
| Name | Purpose | Region |
|---|---|---|
| Amazon Web Services (AWS) | Hosting, networking, backups | United States |
| Stripe Issuing | Card issuing, authorization, settlement | United States |
| Postmark | Transactional email | United States |
| Zendesk | Customer support | United States |
Privacy
Data processing details: Privacy Policy. Currently US-only; regional terms will be added as we expand.
Request a report or NDA
For SOC 2 reports, completed questionnaires, or pen-test summaries under NDA, contact security@perkpirate.com.