Enterprise Data Governance & Compliance

Built with data privacy and data governance as core pillars of its service and operations architecture, the Torq AI SOC Platform meets the highest global certification standards — with regional data residency and compliance frameworks designed for every geography you operate in.

Security Trust Portal Get Started

Global Data Residency Options

Torq service is delivered with flexible data residency options, enabling organizations to keep their data exactly where regulatory and business requirements demand.

European Union

Complete data residency in Frankfurt, Germany, on Google Cloud Platform

United States

Full data residency within the United States (eastern U.S. region)

Asia Pacific

Regional data residency serving the Asia Pacific geography

Data Governance by Design

Torq is committed to operating with full compliance and certification across every dimension of data governance — from residency and privacy to personnel and operations.

Certified Data Privacy

Data Privacy pillars of SOC 2 Type II, BSI C5 Type II, ISO 27001, and ISO 42001 certifications ensure auditable, continuously monitored governance across all operations.

Regional Compliance

Dedicated data governance frameworks for the European Union and the United States, each with complete in-region residency and locally operating personnel.

100% Regional Personnel

All customer-facing and engineering roles operate exclusively from within the customer’s chosen governance region or from countries with verified adequacy decisions.

Transparent Policies

All data governance policies, procedures, and certifications are publicly available through the Torq Security Trust Portal.

European Union Data Governance

Complete data residency, GDPR compliance, and dedicated EU personnel — built for the most rigorous European data governance requirements.

Complete EU Data Residency

All customer data for EU and European customers is processed and stored exclusively in Frankfurt, Germany, on Google Cloud Platform, ensuring full compliance with European data residency requirements. No customer data leaves the EU boundary at any stage of processing.

100% EU-Region Personnel

All Torq personnel serving European customers operate exclusively from EU member states or countries with a European Commission Adequacy Decision for the safe flow of personal data, including:

  • Solution Engineers
  • Customer Success Managers
  • Customer Success Engineers
  • Customer Support Engineers
  • Solution Architects
  • Professional Services Engineers
  • R&D Engineers
  • Legal Team

European Commission Adequacy Decisions applicable to Torq personnel locations:

EU–U.S. Data Privacy Framework

Torq participates in the following international data privacy frameworks, providing robust transfer mechanisms for personal data:

  • EU-U.S. Data Privacy Framework
  • Swiss-U.S. Data Privacy Framework
  • UK Extension to the EU-U.S. Data Privacy Framework

Full registration details are available at the Data Privacy Framework List.

Torq’s participation is underpinned by the European Commission adequacy decision on the EU-US Data Privacy Framework, including provisions for Law Enforcement Cooperation.

GDPR Compliance

Full data operations compliant with the rights and requirements of GDPR Data Subjects, including data access, portability, erasure, and rectification rights. Torq performs strict due diligence with all subcontractors and provides an up-to-date Data Processing Addendum (DPA).

EU Certifications

Data Privacy pillars and chapters covered under:

  • SOC 2 Type II
  • BSI C5 Type II
  • ISO 27001
  • ISO 42001

United States Data Governance

Complete in-country data residency with U.S.-based personnel and industry-leading certifications.

Complete U.S. Data Residency

All customer data for US customers is processed and stored exclusively within the United States (eastern U.S. region), ensuring full compliance with U.S. data residency and sovereignty requirements.

100% U.S.-Based Personnel

All Torq personnel serving U.S. customers operate exclusively from within the United States, including:

  • Solution Engineers
  • Customer Success Managers
  • Customer Success Engineers
  • Customer Support Engineers
  • Solution Architects
  • Professional Services Engineers
  • R&D Engineers
  • Legal Team

CCPA Compliance

Full data operations compliant with the California Consumer Privacy Act (CCPA), including consumer rights to access, delete, and opt out of the sale of personal information. Torq maintains strict data handling procedures and provides transparency into all data processing activities for U.S. customers.

U.S. Certifications

Data Privacy pillars and chapters covered under:

  • SOC 2 Type II
  • BSI C5 Type II
  • ISO 27001
  • ISO 42001

Industry Leading Security Certifications

Validated compliance with the world’s most rigorous security and governance standards for enterprise AI systems

SOC 2 Type II

Comprehensive security, availability, confidentiality, and privacy controls audited by independent third parties.

BSI C5 Type II

Cloud Computing Compliance Criteria Catalogue certification by the German Federal Office for Information Security.

ISO 27001 Certified

International standard for Information Security Management Systems, ensuring systematic data governance.

ISO 42001 Compliant

AI Management System standard for responsible AI development, deployment, and governance across all operations.

Explore Our Data Policies

All data governance documentation, certifications, and compliance reports are available through the Torq Security Trust Portal.

Security Trust Portal
Security & Compliance
AI Governance

For privacy or data governance inquiries, contact us at [email protected]

For security matters, reach out to [email protected]

See Torq in Action

Get a demo to see how Torq helps you harness AI in the SOC to detect, prioritize, and respond to threats faster.

Is your security team ready to achieve more results, faster, with less stress?