MycroftTrust Center

Trust Center

Mycroft is a cybersecurity and compliance automation platform helping B2B SaaS companies manage security, risk, and compliance. We are committed to maintaining the security, privacy, and reliability of our platform, and hold SOC 2 Type 2 compliance (security, confidentiality, availability, and processing integrity) alongside being GDPR and HIPAA compliant (subject to DPA and BAA respectively). We encourage customers and prospects to review our security documentation, policies, and reports below.

Compliance

Compliance frameworks Mycroft currently meets or is working toward to uphold their security and privacy commitments.

SOC 2
Compliant
HIPAA
Compliant
GDPR
Compliant
ISO 42001
In progress
ISO 27001
In progress
FedRAMP 20x - MODERATE
In progress
ISO 27701
In progress
CMMC Level 1
Compliant

Trusted by

Willful logoWillful
Wisedocs logoWisedocs
Weave logoWeave
Control D logoControl D
Superwhisper logoSuperwhisper
Cascade Debt logoCascade Debt

Resource library

Our security, compliance, and policy documentation, including audit reports.

SOC 2 Type 2 Report - 2025February 25, 2026
Mycroft SOC 2 Type 2 Engagement LetterApril 30, 2026
Application Penetration Test - 2025February 25, 2026

Subprocessors

Trusted third parties that support our services and may process customer data as part of their function.

GCP
CA/US
Cloudflare
CA/US
PropelAuth
US
1Password
CA
Google Workspace
US

Frequently asked questions

Powered by