Dataspace Security
Home / Trust Center
Trust Center

Evaluate us the way we'd evaluate a vendor.

Certifications, security practices, data handling and disclosure — collected on one page so your procurement and security review can move fast.

ISO/IEC 27001:2022ISO 9001DPDP-ALIGNEDNDA-FRIENDLY
Posture

What we hold ourselves to.

Certifications

ISO/IEC 27001:2022 (information security) and ISO 9001 (quality), independently audited. Certificates available to prospects on request.

Security practices

MFA everywhere, least-privilege access with quarterly review, client data segregated per engagement, endpoint hardening on the same MDR stack we sell, annual third-party pentest of our own estate.

Data handling

Engagement data encrypted in transit and at rest, retained only for the contracted period, destroyed with certificate on request. Findings never leave the client workspace on GovernanceOps AI.

Privacy commitments

We act as Data Processor for platform customers with DPAs reflecting DPDP obligations; sub-processor list available under NDA; no client data used for model training.

Responsible disclosure

Found something in our estate? Tell us.

Report suspected vulnerabilities in Dataspace or GovernanceOps systems to disclosure@dataspacesecurity.com. We acknowledge within 2 business days, keep you informed through triage, and credit researchers who wish to be named. Good-faith research within scope will never be met with legal threats.

ACK ≤ 2 BUSINESS DAYSSAFE HARBORCREDIT OFFERED
Standards we work to

The frameworks behind the deliverables.

OWASP TOP 10 / ASVS / MASVSPTESNIST CSFMITRE ATT&CKCIS BENCHMARKSISO 27001 ANNEX ASEBI CSCRFDPDP ACT 2023CERT-IN DIRECTIONS

Security contact for active incidents involving Dataspace deliverables: info@dataspacesecurity.com — monitored 24×7 by the SOC floor.