Security & Compliance Standards
We maintain the highest security controls to protect the integrity of our AI accountability data and respect the privacy of reporters.
Compliance & Certifications
ALPAR AI's hosting, policies, and systems are aligned with leading industry frameworks.
SOC 2 Type II
Continuous monitoring of security, availability, and confidentiality controls.
GDPR Compliant
Strict adherence to EU data protection principles, automatic PII masking.
KVKK Compliant
Compliant with Turkish Personal Data Protection Law (No. 6698) standards.
EU Hosted
Data resides in Frankfurt (Vercel) and Ireland (Supabase) under strict EU laws.
ISO 27001
Information Security Management System framework implemented globally.
OWASP Audited
Regular penetration testing and compliance with OWASP Top 10 vulnerabilities.
Security Roadmap
Our timeline for achieving additional certifications and hardening our infrastructure.
Q3 2026 — SOC 2 Audit
Complete formal SOC 2 Type II third-party audit and publish report.
Q4 2026 — End-to-End Cryptography
Implement client-side encrypted whistleblower submission boxes.
Q1 2027 — ISO 27001 Audit
Formal accreditation of our Information Security Management system.
Responsible Disclosure Policy
We welcome reports from security researchers to help keep our platform safe. If you believe you have discovered a vulnerability, please contact our security team at security@alparai.com.
Please do not expose vulnerability details publicly until we have resolved the issue. We review all reports within 24 hours.