AICPA Trust Services Criteria
SOC 2 Type I
Scope: Security, Availability, Confidentiality
Independent attestation that the design of ZERAKET's security controls meets the AICPA Trust Services Criteria at a point in time. Covers access control, change management, system operations, risk mitigation and incident response across the ticketing, payments and organizer platforms.
AICPA Trust Services Criteria
SOC 2 Type II
Scope: Security, Availability, Confidentiality, Privacy
Independent attestation that ZERAKET's security controls operated effectively over an extended audit window. Continuous monitoring of production access, key rotation, deployment review, vendor management and incident response, evidenced by sampled control runs.
International Organization for Standardization
ISO/IEC 27001:2022 Certified
Scope: Information Security Management System
Certified information security management system covering risk treatment, asset management, cryptography, supplier relationships, business continuity and the full Annex A control set under the 2022 revision. Recertified annually.
Regulation (EU) 2016/679
GDPR Compliant
Scope: EU & UK personal data processing
Lawful basis recorded for every processing activity. Data subject rights (access, rectification, erasure, portability, objection) handled within statutory windows. Data Processing Addendum and Standard Contractual Clauses available for B2B customers; appointed EU representative on file.
Reports are available under NDA to current and prospective enterprise customers. For compliance enquiries, data processing agreements, or auditor letters of attestation, contact compliance@zeraket.com.