Compliance

Meeting the highest standards of regulatory compliance

Our Compliance Commitment

Neomatics is committed to meeting and exceeding industry compliance standards. We understand that our enterprise customers operate in highly regulated industries and require partners who take compliance seriously. Our compliance program is designed to provide you with the assurance you need to trust Nova with your strategic data.

Certifications & Attestations

SOC 2 Type II

Service Organization Control

Nova has completed SOC 2 Type II certification, demonstrating our commitment to security, availability, processing integrity, confidentiality, and privacy. Our annual audit is conducted by an independent third-party firm.

ISO 27001

Information Security Management

Our information security management system (ISMS) is certified to ISO 27001 standards, providing a systematic approach to managing sensitive company and customer information.

GDPR Compliant

General Data Protection Regulation

Nova is fully compliant with the European Union's General Data Protection Regulation (GDPR). We provide data processing agreements (DPAs) and support data subject rights including access, rectification, and deletion.

CCPA Compliant

California Consumer Privacy Act

We comply with the California Consumer Privacy Act (CCPA), providing California residents with the right to know, delete, and opt out of the sale of their personal information.

Data Protection

Data Residency

We offer data residency options to meet your regulatory requirements. Customer data can be stored in specific geographic regions including the United States, European Union, and other locations upon request.

Data Processing Agreements

We provide Data Processing Agreements (DPAs) that comply with GDPR and other applicable regulations. Our DPAs outline our obligations as a data processor and your rights as a data controller.

Sub-processors

We maintain a list of sub-processors and notify customers of any changes. All sub-processors are contractually bound to the same data protection standards we maintain.

Industry-Specific Compliance

We work with customers across regulated industries and can support specific compliance requirements:

  • Financial Services: Controls aligned with financial industry regulations and guidelines
  • Healthcare: HIPAA-ready infrastructure available for customers handling protected health information
  • Government: Support for government procurement requirements and security standards
  • Public Companies: Controls supporting SOX compliance requirements

Trust Center

For enterprise customers, we provide access to our Trust Center, which includes:

  • SOC 2 Type II reports
  • ISO 27001 certificates
  • Penetration test summaries
  • Security questionnaire responses (SIG, CAIQ, custom)
  • Insurance certificates
  • Data Processing Agreements

Contact your account representative or our sales team to request access.

Contact Compliance

For compliance-related inquiries, documentation requests, or to discuss your specific requirements:

Compliance Team

Email: compliance@neomatics.net