Peak Privacy Trust Center | Policies, Controls & Compliance

As a data protection company, we hold ourselves to the same standards we ask our customers to meet. Below you'll find our policies, procedures, and security controls — modeled on ISO 27001 and SOC 2 frameworks. We're a small team, so we don't yet carry formal certifications. But we've built our operations from day one with these frameworks as our blueprint, so that scaling up — including formal audits — is a natural next step, not a scramble.

Everything listed here is implemented and operational today.

Controls aligned with ISO 27001 & SOC2

Our security controls are modeled on ISO 27001 Annex A and SOC 2 Trust Service Criteria. We are currently operating under self-attestation, with formal third-party audit planned as we scale.

Security controls framework diagram showing eight categories: Organizational Controls (Information Security Policy & Governance, Conflict of Interest Management), Access Controls (Multi-Factor Authentication, Separation of Duties, Access Review & Revocation), Physical Security (Secure Workspace, Equipment Security), Operational Security (Logging & Monitoring, Incident Response, Business Continuity & Disaster Recovery), Data Protection & Privacy (Data Encryption, Data Separation, GDPR Compliance), Third Party Security (Third-Party Risk Assessment), Compliance Controls (Internal Audits, Management Review, Policy & Control Updates, Continuous Improvement), and Training & Awareness (Security Training, Awareness Program).

Policies & Procedures

Our policies define how we work. They set the rules for how we handle data, manage risk, and respond to incidents — and they're reviewed regularly as we grow. Each policy is actively enforced through the controls listed above.

A grid of six teal policy cards labeled business continuity, information security, access control, incident handling, third-party vendor risk, and conflict of interest.

Have questions or need to vet us?

Request certain documents, get help to answer security questionnaires, or book a compliance discussion with our team.

Contact us at:

connect[@]peakprivacy.eu, or +45 32 42 12 96

We look forward hearing from you.