We are GDPR-aligned by design and our customer data lives in the European Union. We are not SOC 2, ISO 27001, or HIPAA certified today. If those certifications are a hard requirement, tell us early.