Security

We’re compliant with GDPR and CCPA, maintain SOC 2 Type II certification, and undergo annual third-party penetration testing. Our infrastructure runs on GCP in the US-Central1 region with encryption at rest and in transit. If you discover a security concern, we encourage responsible disclosure (full details are in our Vulnerability Disclosure Policy). Key Security Features:

Data Protection & Compliance: GDPR and CCPA compliant with SOC 2 Type II certification. All data deletion requests are honored at privacy@endgame.io
Infrastructure Security: GCP US-Central1 hosting with AES256 encryption at rest and HTTPS/TLS in transit. Availability monitored at status.endgame.io
Access Controls: Least privilege principle enforced for all employee access to production environments and customer data
Third-Party Vendors: All sub-processors meet SOC 2 Type II and GDPR/CCPA standards. OpenAI Enterprise used for text processing with zero-retention policy

For complete security documentation, certifications, and our current list of sub-processors, visit trust.endgame.io/.

Vulnerability Disclosure Policy

Privacy

⌘I

Welcome

Getting Started

Features

Integrations

Access

Admin Guides

Trust & Support

Resources