SOC 2 Type II Compliance
Understanding TyneBase SOC 2 certification and what it means for your organization.
Read time:2 minUpdated:2026-01-10
SOC 2 Type II Compliance
Coming Soon
We are actively working toward SOC 2 Type II certification to demonstrate our commitment to security, availability, and confidentiality.
What is SOC 2?
SOC 2 (Service Organization Control 2) is a framework developed by the AICPA for managing customer data based on five Trust Service Criteria:
| Principle | Description |
|---|---|
| Security | Protection against unauthorized access |
| Availability | System accessibility as agreed |
| Processing Integrity | Accurate and timely processing |
| Confidentiality | Data protection as committed |
| Privacy | Personal information handling |
Our Current Security Practices
While we work toward formal certification, we implement:
Access Control
- Role-based access control (RBAC)
- Google OAuth authentication
- Session management via Supabase Auth
Data Protection
- AES-256 encryption at rest (via Supabase)
- TLS 1.3 in transit
- EU data residency (Frankfurt region)
Change Management
- Code review requirements
- Staged deployments
- Rollback procedures
Timeline
We expect to begin the SOC 2 Type II audit process in 2026. Enterprise customers requiring SOC 2 compliance should contact our sales team to discuss options.
Contact
For compliance inquiries:
- Email: compliance@tynebase.com