> ## Documentation Index
> Fetch the complete documentation index at: https://signatureapi-daf4ee54.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# SOC 2 Compliance at SignatureAPI

> SignatureAPI is SOC 2 Type II compliant with independently audited security controls

SignatureAPI is **SOC 2 Type II compliant**, with controls independently audited for design and operating effectiveness over time.

### What is SOC 2 Type 2?

SOC 2 (System and Organization Controls 2) is a framework developed by the AICPA for managing customer data based on five “Trust Services Criteria” (TSC): Security, Availability, Processing Integrity, Confidentiality, and Privacy.

A Type 2 report assesses how well these controls are implemented and operated over time. It’s widely used by companies that need to evaluate the reliability and security of third-party service providers, particularly those handling sensitive or regulated data.

### Our Scope

Our SOC 2 Type 2 audit covers all five TSCs:

* **Security** – Protection against unauthorized access.
* **Availability** – System uptime and reliability.
* **Processing Integrity** – Accurate and timely system operations.
* **Confidentiality** – Protection of sensitive information.
* **Privacy** – Handling of personal data in accordance with privacy principles.

### Get a copy of our SOC 2 Type 2 report

To request a copy of our SOC 2 Type 2 report, email [support@signatureapi.com](mailto:support@signatureapi.com).

### Data Processing Agreement (DPA)

If your organization requires a DPA, see our [Data Processing Agreement](/docs/legal/terms/dpa). The DPA covers GDPR, CCPA, UK GDPR, and cross-border data transfers.
