Home
Enterprise-Grade Compliance

Compliance & Certifications

1.ML maintains the highest compliance standards to protect your data and meet regulatory requirements across industries.

SOC 2 Type II

Certified

ISO 27001

Certified

GDPR

Compliant

HIPAA

Compliant

SOC 2 Type II

Certified

Service Organization Control 2 Type II certification demonstrates our commitment to security, availability, and confidentiality.

SOC 2 Type II is an auditing procedure that ensures service providers securely manage data to protect the interests of organizations and the privacy of their clients. Our SOC 2 Type II certification covers all five trust service criteria.

Certification Details

Certification BodyIndependent Third-Party Auditor
ScopeAll 1.ML Services and Infrastructure
Audit Period12 months continuous monitoring
Last AuditDecember 2025
Next AuditDecember 2026

Key Benefits

  • Independent verification of security controls
  • Continuous monitoring and improvement
  • Detailed audit reports available upon request
  • Annual recertification requirement

Trust Service Criteria

Security

Protection against unauthorized access

Availability

System availability for operation and use

Processing Integrity

System processing is complete and accurate

Confidentiality

Information designated as confidential is protected

Privacy

Personal information is collected and used appropriately

ISO 27001

Certified

International standard for information security management systems (ISMS) demonstrating systematic approach to managing sensitive information.

ISO 27001 is the international standard for information security. It provides a framework for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).

Certification Details

Certification BodyAccredited ISO Registrar
Standard VersionISO/IEC 27001:2022
ScopeInformation Security Management System
Certificate IssuedMarch 2025
Valid UntilMarch 2028

Key Benefits

  • Internationally recognized security standard
  • Systematic approach to risk management
  • Regular surveillance audits
  • Continuous improvement framework

Security Controls

114 Controls

Implemented across 14 domains

Risk Assessment

Continuous risk identification and treatment

Asset Management

Inventory and classification of information assets

Access Control

User access management and authentication

Cryptography

Encryption and key management policies

Incident Management

Security incident response procedures

GDPR

Compliant

Full compliance with the EU General Data Protection Regulation ensuring data privacy rights for all EU citizens and residents.

The General Data Protection Regulation (GDPR) is the EU's comprehensive data protection law. We are fully compliant with all GDPR requirements, ensuring the protection of personal data for individuals within the European Union.

Certification Details

RegulationEU 2016/679 (GDPR)
Effective SinceMay 25, 2018
Data Protection OfficerAppointed
Lead Supervisory AuthorityIrish Data Protection Commission
Last AssessmentJanuary 2026

Key Benefits

  • Transparent data processing practices
  • Data subject rights fully supported
  • Data Processing Agreements available
  • 72-hour breach notification commitment

Data Subject Rights

Right to Access

Request copies of your personal data

Right to Rectification

Correct inaccurate personal data

Right to Erasure

Request deletion of your data

Right to Portability

Transfer data to another service

Right to Object

Object to processing of your data

Right to Restrict

Limit how we use your data

HIPAA

Compliant

Health Insurance Portability and Accountability Act compliance for handling Protected Health Information (PHI) in healthcare applications.

HIPAA establishes national standards to protect sensitive patient health information. Our HIPAA compliance enables healthcare organizations to use 1.ML for processing Protected Health Information (PHI) with confidence.

Certification Details

RegulationHIPAA (45 CFR Parts 160, 162, 164)
BAA AvailableYes - Business Associate Agreement
PHI HandlingEncrypted at rest and in transit
Last Risk AssessmentNovember 2025
TrainingAnnual HIPAA training for all staff

Key Benefits

  • Business Associate Agreements available
  • Dedicated healthcare security controls
  • Regular HIPAA risk assessments
  • Staff trained on PHI handling

HIPAA Safeguards

Administrative

Security management, workforce training, access management

Physical

Facility access controls, workstation security

Technical

Access controls, audit controls, integrity controls, transmission security

Healthcare Features

Business Associate Agreement

Legally binding BAA for covered entities

PHI Encryption

AES-256 encryption for all PHI data

Access Logging

Comprehensive audit trails for PHI access

Breach Procedures

Documented incident response for PHI breaches

Additional Compliance Standards

CCPA

California Consumer Privacy Act compliance

PIPL

China Personal Information Protection Law

WCAG 2.1 AA

Web Content Accessibility Guidelines

PCI DSS

Payment Card Industry Data Security Standard

Request Compliance Documentation

Need our SOC 2 report, ISO 27001 certificate, or a signed BAA? Contact our security team to request compliance documentation.

Privacy PolicySecurityGDPRData ProcessingContact