Trust & Security: Data Protection | Global RADAR
Subscribe

Trust & Security

  • Home
  • Trust & Security

RegTech that handles examiner-grade data is held to examiner-grade controls. Below are the third-party attestations and security commitments Global RADAR maintains, with signed reports available on request under NDA.

SOC 2 Type II

Trust Services Criteria: Security, Availability, Confidentiality.

  • Auditor: Available upon request under NDA
  • Report scope: Available upon request under NDA
  • Issue date: Available upon request under NDA
  • Next review: Available upon request under NDA

ISO/IEC 27001

Information Security Management System certification covering Global RADAR production systems and operational scope.

  • Certification body: Available upon request under NDA
  • Certificate number: Available upon request under NDA
  • Issue date: Available upon request under NDA
  • Valid through: Available upon request under NDA

GDPR and Privacy

Data processing aligned with EU General Data Protection Regulation requirements. Standard Contractual Clauses available for EU/UK data transfers.

  • DPA available: Yes, on request
  • SCCs available: Yes, 2021/914 module two
  • Data residency: United States (primary)
  • DPO contact: privacy@globalradar.com

Encryption Standards

All customer data is encrypted at rest and in transit using industry-standard cryptographic primitives.

  • At rest: AES-256
  • In transit: TLS 1.3
  • Key management: Industry-standard managed KMS
  • Key rotation: Annual key rotation, plus event-driven rotation on key personnel changes

Annual Penetration Testing

Independent third-party penetration testing of production application and infrastructure.

  • Tester: Available upon request under NDA
  • Last test: Available upon request under NDA
  • Cadence: Annual plus on major release
  • Findings: Summary available on request

Business Continuity and Disaster Recovery

Documented business continuity and disaster recovery plans with annual tabletop testing.

  • Recovery Point Objective: Standard target: 1 hour
  • Recovery Time Objective: Standard target: 4 hours
  • Multi-region: Available upon request
  • Last DR test: Available upon request under NDA

Request Signed Reports

Procurement and InfoSec teams: request the SOC 2 Type II report, ISO 27001 certificate, penetration test letter, or completed CAIQ/SIG questionnaires. Reports are delivered under mutual NDA.

Request Signed Reports Under NDA

Disclosure cadence

Global RADAR reviews and updates this page each time a new attestation is issued or renewed.

Reporting a vulnerability

Independent researchers may report vulnerabilities to security@globalradar.com. We acknowledge reports within 2 business days.