Data handling report
Generate and audit a team report covering privacy settings and stored record counts.
Your data security is our priority. Learn how Soryxa protects validation workflows with provider-backed infrastructure, application-level controls, and clear retention practices.
DPA and data subject request support for customer privacy workflows
Support for California privacy access and deletion request workflows
Hosting provider SOC 2 Type II and SOC 3 Type II coverage
Encryption controls for data in transit and at rest
Soryxa supports GDPR-related customer workflows with a DPA request path, data subject request intake, limited validation retention, and privacy contact routing. Customers remain responsible for applying these controls to their own obligations.
General Data Protection Regulation
California Consumer Privacy Act
Soryxa supports California privacy request workflows, including access and deletion intake, retention details, and privacy contact routing for customer requests.
We are transparent about how we handle your data and for how long.
| Data Type | Purpose | Retention or handling |
|---|---|---|
| API request logs | Validation evidence and operational troubleshooting | Team selects 7, 30, or 90 days; default 90 days |
| Stored email identifiers | Support, review, and batch workflows | Plaintext, redacted, or hashed; hashed by default |
| Account data | Service provision | Account lifetime |
| Billing data | Payment processing | As required by law |
Generate and audit a team report covering privacy settings and stored record counts.
Preview matching logs, review items, and batch results from a SHA-256 email hash before acting.
Permanently remove matching email identifiers and scrub stored request evidence for the current team.
Apply redacted or hashed handling to historical plaintext logs and batch results with an audit record.
You have control over your data. Exercise your rights at any time.
How we protect your data at every level.
Data is encrypted in transit with TLS and API keys are hashed before storage. At-rest encryption is handled through the configured infrastructure and storage services.
Hosted on DigitalOcean infrastructure covered by DigitalOcean SOC 2 Type II and SOC 3 Type II reports. Soryxa applies application-level access controls, encryption, and retention practices on top of that infrastructure.
Application access is limited by role-based controls, with administrative activity logged and reviewed.
Our team is here to help.