Trust
RFP Genius is used by people whose job is to ask hard security questions. We hold ourselves to the standards we help you answer.
SOC 2 Type II: Aligned
ISO 27001: Aligned
ISO 42001 (AI mgmt): Aligned
GDPR: Compliant
CCPA: Compliant
EU AI Act: Aligned
TLS 1.3 in transit. AES-256 at rest. Keys rotated via managed KMS.
Choose EU, US or APAC at signup. Your data never leaves the region you pick.
Google, Microsoft, Okta and any SAML 2.0 IdP. SCIM provisioning on enterprise plans.
Every admin action — role grant, document edit, integration change — recorded and exportable.
Standard DPA on company paper, public sub-processor list, 30-day change notice.
Annual third-party penetration test. Summary letter available under NDA.
SOC 2 report, ISO certificates, pen test summary, DPA, sub-processor list and architecture diagram are available under NDA.
security@rfpgenius.app