Regulatory Compliance
PromptCanvas is committed to maintaining the highest standards of regulatory compliance across all jurisdictions where we operate. Our compliance program ensures we meet or exceed legal requirements for data protection, privacy, and security.
Certifications & Standards
SOC 2 Type II
Annual audit covering security, availability, processing integrity, confidentiality, and privacy
ISO 27001:2022
International standard for information security management systems
ISO 27701:2019
Privacy information management system extension to ISO 27001
Data Protection Regulations
GDPR (General Data Protection Regulation)
Full compliance with GDPR requirements including:
- Lawful basis for processing
- Data subject rights implementation
- Data protection by design and default
- Data protection impact assessments
- Breach notification within 72 hours
CCPA/CPRA (California Privacy Rights)
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt out of sale or sharing
- Non-discrimination for exercising privacy rights
Industry-Specific Compliance
Healthcare
HIPAA-compliant features for healthcare organizations handling protected health information
Financial Services
Compliance with financial regulations including PCI DSS for payment processing
Compliance Program
Our comprehensive compliance program includes:
- Regular compliance assessments and audits
- Employee training and awareness programs
- Policy and procedure documentation
- Risk assessments and mitigation strategies
- Vendor and third-party risk management
- Continuous monitoring and improvement
Contact Compliance Team
Need compliance documentation or have regulatory questions? We're here to help.