How ProdegyVault features and controls align with common frameworks — so your teams can pursue compliance. We implement the product with audits in mind; we do not claim third-party certification until those programs are complete.
How to prepare your organisation: we ship controls and transparency first; independent certifications for ProdegyVault follow on our roadmap.
Identify which regulations apply to your organization based on location and data types.
Use this page to see which Prodegy Vault features support your compliance requirements.
Enable required features (data residency, retention, approvals, monitoring, etc.).
Use audit logs and exports to evidence your security and privacy controls for internal review or external auditors.
Formal SOC 2, ISO 27001, and similar certifications for ProdegyVault are on our roadmap. Today we ship the controls and transparency that make those audits possible when we complete the programmes.
Monitor audit logs regularly and update configurations as regulations and your risk posture evolve.
ProdegyVault is built with controls that support GDPR, UK GDPR, DPDPA, and similar regimes. Independent certifications (for example SOC 2 Type II, ISO 27001) are planned; until then, use this page to understand how product capabilities help your compliance programme — not as a substitute for your own legal or audit sign-off.
European Union | ✓ Architecture Ready
Key Requirements: Data subject rights, consent management, data minimization, privacy by design, data protection impact assessments.
Prodegy Vault Support:
→ Planned 2026
Key Requirements: Information security policies, access control, cryptography, physical security, incident management, risk assessment.
Prodegy Vault Support (Current):
→ Planned 2026
Key Requirements: Security, availability, processing integrity, confidentiality, privacy controls over 6+ months.
Prodegy Vault Support (Current):
How Prodegy Vault features support regulatory compliance
| Feature | GDPR (EU) | UK GDPR | DPDPA (India) | ISO 27001 | SOC 2 Type II |
|---|---|---|---|---|---|
| Zero-Knowledge Architecture | ✓ | ✓ | ✓ | ✓ | ✓ |
| AES-256-GCM Encryption | ✓ | ✓ | ✓ | ✓ | ✓ |
| Blockchain-Verifiable Audit Logs | ✓ | ✓ | ✓ | ✓ | ✓ |
| Data Residency (Regional) | ✓ | ✓ | ✓ | ✓ | — |
| Role-Based Access Control | ✓ | ✓ | ✓ | ✓ | ✓ |
| Multi-Factor Authentication | ✓ | ✓ | ✓ | ✓ | ✓ |
| Automatic Retention Policies | ✓ | ✓ | ✓ | ✓ | ✓ |
| Approval Workflows | ✓ | ✓ | ✓ | ✓ | ✓ |
| Break-glass Access | ✓ | ✓ | ✓ | ✓ | ✓ |
| Anomaly Detection | ✓ | ✓ | ✓ | ✓ | ✓ |
| Incident Response | ✓ | ✓ | ✓ | ✓ | ✓ |
| Third-Party Audit | 2026 | 2026 | 2026 | 2026 | 2026 |
Use ProdegyVault controls as part of your programme; formal third-party certifications for the service are planned — we do not claim them yet.
Identify which regulations apply to your organization based on location and data types.
Use this page to see which Prodegy Vault features support your compliance requirements.
Enable required features (data residency, retention, approvals, monitoring, etc.).
Use audit logs and exports to evidence your security and privacy controls for internal review or external auditors.
Formal SOC 2, ISO 27001, and similar certifications for ProdegyVault are on our roadmap. Today we ship the controls that make those audits possible when we complete the programmes.
Monitor audit logs regularly and update configurations as regulations and your risk posture evolve.
Readiness vs. formal certification: We have built ProdegyVault with controls, logging, and exports so your teams can pursue GDPR, DPDPA, SOC 2, ISO 27001, and similar programmes — but we are not claiming third-party certification or attestation for the service until those audit programmes complete. Use this site for orientation only; final compliance is always a shared responsibility between your organisation, your legal and security teams, and how you configure the product.