Trust & Security

SigSlayer is designed to help teams respond to security questionnaires efficiently while maintaining strong security, privacy, and data protection practices.

This page provides an overview of our approach to security and compliance. Detailed legal terms and policies are available on our Legal page.


Security by Design

SigSlayer is built with security as a foundational requirement, not an afterthought.

We follow industry-standard security principles, including:

  • Least-privilege access
  • Logical tenant isolation
  • Defense-in-depth
  • Secure-by-default configurations

Security controls are implemented across application, infrastructure, and operational layers.


Data Protection & Privacy

SigSlayer is established in Sweden and operates in accordance with applicable data protection laws, including the GDPR.

Key principles:

  • We process customer data only on customer instructions
  • Customer content is not used to train shared or public AI models
  • We do not sell personal data
  • Access to customer data is restricted to authorized personnel only

Our data protection commitments are documented in our Enterprise Addendum (DPA + EU SCCs).


AI Usage & Safeguards

SigSlayer uses AI to assist with analyzing and drafting responses to security questionnaires.

Important safeguards:

  • AI features are assistive, not authoritative
  • Outputs require human review before use
  • Customer content is processed only within the customer’s workspace
  • Customer data is not used to train shared or public AI models

Customers remain responsible for validating all generated outputs.


Infrastructure & Hosting

SigSlayer leverages reputable cloud service providers to operate the service.

  • Primary hosting and processing occur in the United States
  • Data transfers are safeguarded using EU Standard Contractual Clauses where required
  • Subprocessors are subject to contractual security and data protection obligations

A current list of authorized subprocessors is available on our Legal page.


Access Controls & Authentication

We implement controls to limit access to systems and data, including:

  • Role-based access controls
  • Authentication and authorization mechanisms
  • Segregation of customer environments
  • Logging and monitoring of system access

Access is granted only to individuals with a legitimate business need.


Monitoring, Logging & Incident Response

SigSlayer maintains monitoring and logging to detect and respond to security events.

  • System activity is logged for security and operational purposes
  • Alerts are used to identify anomalous behavior
  • Incidents are handled through defined response procedures

In the event of a personal data breach, customers are notified in accordance with applicable law and contractual obligations.


Supplier & Subprocessor Management

Third-party service providers are assessed using a risk-based approach.

  • Subprocessors are selected based on security and reliability considerations
  • Data protection obligations are contractually enforced
  • Subprocessor access is limited to what is necessary to provide the service

See the Subprocessor List for current providers.


Compliance & Standards Alignment

SigSlayer aligns its security and operational practices with widely recognized standards, including:

  • SOC 2 security principles
  • ISO/IEC 27001 control objectives
  • GDPR data protection requirements

Formal certifications or reports may be made available under NDA or upon request where applicable.


Responsible Use

Use of the SigSlayer service is governed by our Acceptable Use Policy.
We prohibit misuse, misrepresentation, and unlawful activity.

Customers are responsible for ensuring that use of the service complies with applicable laws and contractual obligations.


Transparency

We believe transparency builds trust.

Our legal and data protection documentation is publicly available:

  • Terms of Service
  • Privacy Policy
  • Enterprise Addendum (DPA + EU SCCs)
  • Subprocessor List
  • Acceptable Use Policy

Visit the Legal page for full documentation.


Contact

For security, privacy, or trust-related inquiries, contact:

SigSlayer
Email: legal@sigslayer.com
