Compliance & Certifications

Our commitment to meeting industry standards and regulatory requirements

Our Compliance Framework

At LastAppStanding, we understand that compliance is critical for our customers, especially those in regulated industries. Our comprehensive compliance program is designed to meet the highest standards of data protection, privacy, and security.

We regularly undergo independent audits and assessments to validate our compliance with industry standards and regulations. This ensures that our customers can confidently use our AI API services while meeting their own compliance obligations.

Security

Audits

Regulations

Global Standards

Our Certifications

Industry-recognized certifications that validate our commitment to security and compliance

SOC 2 Type II

We have successfully completed SOC 2 Type II audits, demonstrating our commitment to security, availability, processing integrity, confidentiality, and privacy controls.

ISO 27001

Our information security management system (ISMS) is certified to ISO 27001, the international standard for information security management.

ISO 27017 & 27018

We adhere to ISO 27017 for cloud security and ISO 27018 for protecting personally identifiable information (PII) in public clouds.

HIPAA Compliance

Our infrastructure and processes are designed to support HIPAA compliance, enabling healthcare organizations to use our services while maintaining compliance with healthcare regulations.

PCI DSS

For customers processing payment information, our systems are designed to support PCI DSS compliance requirements.

CSA STAR

We participate in the Cloud Security Alliance's Security, Trust & Assurance Registry (STAR) program, demonstrating our commitment to cloud security transparency.

Regulatory Compliance

How we help you meet your regulatory obligations

GDPR

We are fully compliant with the General Data Protection Regulation (GDPR), providing data processing agreements, data protection impact assessments, and mechanisms for data subject rights.

  • Data Processing Agreements available
  • Data subject access request support
  • Privacy by design principles
  • Data minimization practices

CCPA/CPRA

We comply with the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), supporting businesses that serve California residents.

  • Consumer rights request support
  • Data inventory and mapping
  • Service provider agreements
  • Opt-out mechanisms

HIPAA

For healthcare customers, we offer Business Associate Agreements (BAAs) and implement the necessary safeguards to protect protected health information (PHI).

  • Business Associate Agreements
  • PHI encryption and protection
  • Audit logging and monitoring
  • Incident response procedures

Global Regulations

We stay current with global privacy and data protection regulations, including LGPD (Brazil), PIPEDA (Canada), and other regional requirements.

  • Regional data residency options
  • Cross-border data transfer mechanisms
  • Regular compliance updates
  • Documentation for regulatory audits

Compliance Documentation

Resources available to support your compliance needs

Audit Reports

SOC 2 reports, penetration test summaries, and other audit documentation available under NDA

Legal Agreements

Data Processing Agreements, BAAs, and other legal documents to support your compliance requirements

Security Questionnaires

Responses to common security questionnaires and frameworks like CAIQ, SIG, and vendor assessment forms

Need More Information?

Contact our compliance team to discuss your specific requirements or to request compliance documentation.

Email: compliance@lastappstanding.com