Compliance at Kira
We align our program with recognized security and privacy frameworks and support the rights granted under major data-protection laws. This page summarizes our posture; full technical detail lives on Security & Compliance.
Frameworks and certifications
| Framework | Status | Scope |
|---|---|---|
| SOC 2 Type II | In progress | Security, availability, confidentiality |
| ISO/IEC 27001 | Planned | Information security management |
| GDPR | Compliant | EU/EEA personal data |
| CCPA / CPRA | Compliant | California consumer privacy |
Data residency
Kira runs on AWS. Depending on your plan and region, US or EU data-residency options may be available. Contact us to discuss requirements for your organization.
Sub-processors
We rely on a small set of vetted providers, each bound by data-protection terms. The current list is maintained on the Security & Compliance page.
Request documentation
Eligible customers can request our security overview, attestations, sub-processor list, and a Data Processing Addendum (DPA) by contacting security@kira.ai or legal@kira.ai.
References
Frequently asked questions
Quick answers to common questions.
Our SOC 2 program is in progress. Eligible customers can request the latest status and report under NDA.
Yes. We make a Data Processing Addendum available to business customers. Request it from legal@kira.ai.
Yes. We honor the rights granted under the GDPR and CCPA/CPRA. See our Privacy Policy.