LAAMI SOC 2 Policy

Date: 10th March 2025

Our Commitment to Security

At LAAMI, we prioritize the security, privacy, and availability of our users' data. To support this, we use Supabase — a backend platform that is SOC 2 Type II audited and GDPR-compliant — as our primary infrastructure provider.

Certified Infrastructure

LAAMI benefits from Supabase's certified infrastructure, which includes:

Encryption of data at rest and in transit
Role-Based Access Control (RBAC)
Logging and audit trails
Secure authentication and authorization systems
Data residency and privacy controls aligned with GDPR

Our Compliance Commitment

We are committed to meeting all data review authentications and its standards and conduct internal reviews and audits aligned with that framework.

Additional Internal Safeguards

We complement Supabase's infrastructure with additional internal safeguards, including:

Multi-Factor Authentication (MFA) for all privileged access
Continuous log monitoring
Security incident response protocols
Annual vendor risk reviews

Transparency & Future Plans

We are actively pursuing formal compliance measures and are transparent about the controls we implement.

Contact Us

Please contact us at security@laami.co for more information.