Launderly

Security at Launderly

We treat customer data as a contract, not a byproduct. This page enumerates the controls in place across data handling, infrastructure, access, and compliance.

Controls in place

  • PCI DSS SAQ A — Stripe-only card handling, quarterly ASV scan
  • GDPR — data export + erasure with cascade delete
  • SOC 2 Type II — audit in progress
  • HIPAA — opt-in mode with field-level PII encryption + 6-year audit retention
  • Sub-processors — full vendor list

Reporting a vulnerability

Email security@cleansuite.example with repro steps. We acknowledge within 24 business hours. PGP key and bug-bounty terms available on request.

Trust artifacts

Active customers can request the latest pen test report, SOC 2 readiness letter, and DPA / BAA via your account manager.