Trust Center

Security and compliance, in one place.

Everything on PodStack - and everything operators run on DC Suite - sits on one ISO 27001 certified platform with per-tenant isolation, audit trails, and data residency controls. This page tracks where we stand, including what is still in progress.

Certifications and controls

What is certified, what is built into the platform, and what is coming next.

ISO 27001
Certified

Our information security management system is ISO 27001 certified, with independently audited controls across the platform and the data centres it runs in.

In-India data residency
Available

Pin workloads and data to our India region when residency requirements apply. US and EU regions are available for teams that need capacity elsewhere.

DPDPA-ready architecture
Built in

The platform is architected for India’s Digital Personal Data Protection Act: residency controls, purpose-scoped access, and data-deletion workflows.

Per-tenant isolation
Built in

Every tenant’s compute, storage, and network are isolated on our proprietary control plane and PodVirt virtualisation layer - fractional GPUs never share a tenant boundary.

Audit trails
Built in

Administrative and API actions across the platform are recorded in audit trails, supporting compliance reviews and incident response.

SOC 2 Type II
In progress

A SOC 2 audit is on our active roadmap. This page will be updated when the report is available.

HIPAA readiness
On roadmap

HIPAA readiness is planned as we expand support for healthcare workloads. Talk to us if it is a requirement for your team.

At a glance

Certification
ISO 27001 (information security management)
Regions
US, EU, and India
Data residency
Region pinning for workloads and data, including in-India residency
Regulatory architecture
Designed for DPDPA; SOC 2 Type II in progress, HIPAA readiness on the roadmap
Tenancy
Per-tenant isolation via our proprietary control plane and PodVirt virtualisation
Auditability
Audit trails on administrative and API actions
Platform
Same controls across the managed cloud and the licensable DC Suite platform

Running your own GPU cloud on this platform? Learn about DC Suite →

Frequently asked questions

Which certifications does PodStack hold today?+

PodStack is ISO 27001 certified, covering our information security management system, the platform, and the data centres it runs in. A SOC 2 Type II audit is in progress and HIPAA readiness is on the roadmap; this page is updated as new attestations land.

Can I keep my data and workloads in India?+

Yes. PodStack offers in-India data residency: you can pin workloads and data to our India region to meet residency requirements, including those arising under the DPDPA. US and EU regions are also available.

How does PodStack support DPDPA compliance?+

The platform is architected for India’s Digital Personal Data Protection Act, with in-India residency controls, purpose-scoped access, audit trails, and data-deletion workflows. Your compliance obligations depend on your workload; our team can walk through the architecture with you.

How are tenants isolated from each other?+

Isolation is enforced by PodStack’s proprietary control plane and the PodVirt virtualisation layer. Each tenant’s compute, storage, and network are isolated, and fractional GPU slices never cross a tenant boundary.

Do the same controls apply if we license DC Suite?+

Yes. DC Suite is the same platform that runs the PodStack cloud, so operators who license it inherit the same isolation model and audit-trail architecture on their own hardware.

Ask us anything about security

Send us your security questionnaire, residency requirements, or compliance questions and our team will get back to you.

Protected by reCAPTCHA. We use your details only to respond to your enquiry.