Security

Built to be trusted
from day one.

The boring stuff your security team cares about — already done. AES-256, TLS 1.3, SOC 2 in progress, per-tenant keys on Enterprise.

AES-256 at rest. TLS 1.3 in transit. Per-tenant encryption keys on Enterprise. Documents are encrypted before they leave your machine.

SAML 2.0 SSO and OIDC for Enterprise. SCIM 2.0 user provisioning. Role-based access controls per document and per workspace.

Every action logged: who opened, viewed, edited, downloaded, deleted. Immutable, exportable, retained for the period you set.

SOC 2 Type II in progress. GDPR, PIPEDA, CCPA aligned. HIPAA BAA available on Enterprise. ESIGN & eIDAS compliant signatures.

Pick your region: US (Virginia), EU (Ireland), Canada (Montreal), or self-host on your own infrastructure (Enterprise).

Annual third-party penetration test. Public bug bounty via HackerOne. Critical fixes within 24 hours.

Compliance roadmap

Where we are. Where we're going.

2026 Q1

Founding, security model designed-in from day one

2026 Q3

SOC 2 Type I audit (in progress)

2027 Q1

SOC 2 Type II report (target)

2027 Q2

ISO 27001 certification (target)

Email security@edts.ca. We'll send the latest documents under NDA within one business day.