Platform
Dispute Automation Payment Monitoring Fraud Prevention Integrations
Industries
E-commerce & Retail SaaS & Digital Goods Travel & Ticketing Financial Services
Resources
Trust Center Contact
Pricing Login
Get a Demo

Cellix Trust Center

Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and compliance.

[email protected]
Overview
Resources
Controls
Subprocessors

SOC 2 Type II

Audited annually

PCI DSS Level 1

Payment card security

ISO 27001

Information security

GDPR

Data protection compliant

How we protect your data

All data encrypted in transit (TLS 1.3) and at rest (AES-256)
No raw card numbers stored — only tokenized references
Row-level security on all database tables
Full audit logging on all sensitive operations
SOC 2 Type II audited annually by independent firm
Penetration tested quarterly by third-party security firms
99.99% historical uptime with real-time monitoring

Certificates

SOC 2 Type II CertificateRequest access
PCI DSS Level 1 CertificateRequest access
ISO 27001:2022 CertificateRequest access

Reports

SOC 2 Type II ReportRequest access
Penetration Test Summary 2025Request access

Security Documents

Technical and Organizational MeasuresRequest access
Data Processing Agreement (DPA)Request access
Subprocessors ListView

Infrastructure Security

Unique production database authentication enforced
Encryption key access restricted to authorized personnel
Infrastructure changes require peer review
Network segmentation between production and staging
Automated vulnerability scanning on all deployments

Organizational Security

Background checks conducted on all employees
Security awareness training completed annually
Incident response plan documented and tested
Asset disposal procedures enforced

Data Protection

Data encrypted at rest using AES-256
Data encrypted in transit using TLS 1.3
Data retention policies enforced with automated deletion
DSAR (data subject access requests) handled within 30 days
No raw card numbers stored — tokenized references only

Subprocessors

The following third-party subprocessors are used by Cellix to deliver our services.

SupabaseDatabase & Auth
VercelHosting & CDN
StripeBilling
ResendEmail delivery
TwilioSMS alerts
SentryError monitoring
CloudflareDNS & DDoS protection