GDPR Compliant CCPA/CPRA Ready Export Approved

Global Compliance
& Regulatory Excellence

Veilith meets and exceeds international privacy regulations, export controls, and industry standards to ensure your encryption solution is legally compliant worldwide.

Comprehensive Compliance Framework

Our commitment to compliance ensures Veilith can be deployed confidently in any regulatory environment.

GDPR

EU Data Protection

Fully Compliant

CCPA/CPRA

California Privacy

Fully Compliant

ISO 27001

Information Security

Certified

EAR/ITAR

Export Controls

Approved

Global Data Protection Compliance

Veilith's zero-knowledge architecture naturally aligns with the strictest privacy regulations worldwide.

European Union - GDPR

Privacy by Design

Zero-knowledge architecture ensures we never access user data

Data Minimization

No personal data collection or processing

User Rights

Full control over data with local-only storage

DPO Appointed

Dedicated Data Protection Officer available

United States - CCPA/CPRA

Consumer Rights

Full transparency with no data to sell or share

Opt-Out Mechanism

No data collection means no opt-out needed

Data Deletion

Users control all data locally on device

Privacy Policy

Clear, accessible privacy documentation

APAC Compliance

  • Singapore PDPA
  • Japan APPI
  • South Korea PIPA
  • Australia Privacy Act

Americas Compliance

  • Canada PIPEDA
  • Brazil LGPD
  • Mexico LFPDPPP
  • Argentina PDPA

Other Regions

  • UK DPA 2018
  • Switzerland FADP
  • Israel Privacy Law
  • UAE Data Law

Export Control Compliance

Veilith complies with international export regulations for encryption technology.

U.S. Export Administration Regulations (EAR)

Classification

ECCN 5D002 - Mass market encryption software

License Exception

ENC - Encryption Commodities and Software

Notification

BIS and NSA notification completed

Export Restrictions

Embargoed Countries

Not available in OFAC sanctioned countries

Denied Persons List

Automated screening against restricted entities

End-Use Restrictions

Prohibited for nuclear, chemical, or biological weapons

Wassenaar Arrangement Compliance

Veilith's encryption strength (256-bit keys) is designed to meet mass-market exemptions under the Wassenaar Arrangement, allowing for global distribution while maintaining strong security.

Industry Standards & Certifications

Veilith meets or exceeds internationally recognized security and quality standards.

ISO 27001:2013

Information Security Management System certification demonstrating systematic approach to data security.

✓ Certified 2024

SOC 2 Type II

Independent audit of security, availability, and confidentiality controls over a 12-month period.

✓ Audited 2024

NIST Framework

Follows NIST Cybersecurity Framework for comprehensive security risk management.

✓ Implemented

OWASP MASVS

Complies with OWASP Mobile Application Security Verification Standard Level 3.

✓ L3 Compliant

FIPS 140-2

Cryptographic modules validated against Federal Information Processing Standards.

✓ Level 2 Modules

PCI DSS

Payment Card Industry compliance for secure handling of payment information.

✓ Level 1 Compliant

Legal Framework & Governance

Our compliance program is supported by robust legal and governance structures.

Legal Compliance Team

  • In-house legal counsel
  • External regulatory advisors
  • Quarterly legal reviews

Data Protection Officer

  • GDPR Article 37 compliant
  • Direct board reporting
  • 24/7 incident response

Compliance Committee

  • Monthly meetings
  • Risk assessment reviews
  • Policy updates
COMPLIANCE DOCUMENTATION

Need Compliance
Documentation?

Request detailed compliance reports, audit results, and certification documents for your security team's review.