← Back to Documentation

Compliance Reports & Certifications

Third-party audits, security certifications, and compliance documentation

Smart eQuiz undergoes regular third-party security audits and maintains industry-standard certifications to ensure the highest levels of security, privacy, and compliance. This page provides transparency into our compliance posture and access to relevant reports.

Note: Some reports are only available to Enterprise customers or require an NDA. Contact us at compliance@smartequiz.com for access.

Security Certifications

SOC 2 Type II

Available for Enterprise

Annual independent audit of our security controls, availability, processing integrity, confidentiality, and privacy practices.

Last Audit: September 2025

Audit Period: October 2024 - September 2025

Auditor: [Major Auditing Firm]

ISO 27001

In Progress (Q1 2026)

International standard for information security management systems. Certification process currently underway with completion expected Q1 2026.

Expected Certification: March 2026

Certification Body: [Accredited Registrar]

Scope: All Smart eQuiz platform services

GDPR Compliant

EU Data Protection

Full compliance with the European Union's General Data Protection Regulation including data processing agreements and EU data residency options.

DPA Available: Yes

Data Residency: EU region available

DPO Contact: dpo@smartequiz.com

View Privacy Documentation

CCPA Compliant

California Privacy

Compliant with the California Consumer Privacy Act, providing California residents with enhanced privacy rights and controls.

Privacy Notice: Available

Do Not Sell: We don't sell data

Consumer Rights: Access, Delete, Opt-out

View Privacy Policy

Available Reports

Security Overview Whitepaper

Comprehensive overview of our security architecture, encryption standards, access controls, and incident response procedures. Public - No NDA required.

PublicPDF26 pages

Penetration Test Summary

Executive summary of our most recent third-party penetration testing results. Full report available to Enterprise customers. Professional & Enterprise plans.

Professional+PDF12 pages

Last Test: October 2025 | Next Test: April 2026

SOC 2 Type II Report

Complete SOC 2 Type II audit report covering security, availability, and confidentiality.Enterprise plan only. NDA required.

Enterprise OnlyNDA RequiredPDF

Audit Period: Oct 2024 - Sep 2025 | Report Date: November 2025

Vulnerability Disclosure Report

Quarterly summary of security vulnerabilities reported, assessed, and remediated. Demonstrates our commitment to continuous security improvement. Public.

PublicPDFQuarterly

Latest Report: Q3 2025 (Jul-Sep)

Data Processing Agreement (DPA)

GDPR-compliant data processing agreement for organizations that need formal contracts covering data protection. Professional & Enterprise plans.

Professional+PDFStandard Clauses

Compliance Standards We Follow

Data Protection

  • ✓ GDPR (European Union)
  • ✓ CCPA (California)
  • ✓ PIPEDA (Canada)
  • ✓ LGPD (Brazil)
  • ✓ Privacy Shield (EU-US transfers)

Security Standards

  • ✓ SOC 2 Type II
  • ✓ ISO 27001 (in progress)
  • ✓ NIST Cybersecurity Framework
  • ✓ OWASP Top 10
  • ✓ CSA STAR (planned 2026)

Industry-Specific

  • ✓ COPPA (children's privacy)
  • ✓ FERPA (educational records)
  • ✓ Accessibility (WCAG 2.1 AA)
  • ✓ PCI DSS (payment security)

Cloud Security

  • ✓ AWS Well-Architected Framework
  • ✓ Google Cloud Best Practices
  • ✓ Azure Security Baseline
  • ✓ Zero Trust Architecture

Trust Center

Comprehensive Security & Compliance Hub

Our Trust Center provides real-time access to security documentation, compliance reports, system status, and incident history. Available 24/7 to all customers.

System Status

Real-time uptime monitoring

Security Updates

Latest security news

Documentation

All compliance docs

Request Report Access

To request access to compliance reports or discuss custom compliance requirements:

For Current Customers

Log in to your account and submit a request through the Support portal. Enterprise customers can access reports directly in account settings.

For Prospects

Evaluating Smart eQuiz? Contact our sales team to discuss compliance requirements and request relevant documentation.

Contact Sales

Email: compliance@smartequiz.com |Response Time: Within 48 business hours

Related Documentation

Security Best Practices

Guide to securing your account

Data Privacy Documentation

How we handle your data

Security Overview

Platform security features

Documentation Hub

All platform documentation