One place for the answers your security team needs.
HiveKey is in private beta. This hub is deliberately honest about what's in place today versus what we're building toward — so you can evaluate us with eyes open.
Stage
Private beta
design partners onboarding
Enforcement
In the path
no out-of-band bypass
Data isolation
Per-tenant
dedicated on Scale
Everything in one hub.
Public docs are linked below. Confidential materials — architecture and data-flow diagrams, subprocessor details, and completed questionnaires — are available under NDA.
Security overview
Our enforcement model, encryption, isolation, and credential vaulting.
Subprocessors
The third parties that process data on our behalf, and why.
Data processing addendum
Our DPA, ready to countersign for GDPR and SCC requirements.
Privacy policy
What we collect, how we use it, and the rights you and your users have.
Status & uptime
How we report system status and uptime during private beta.
Responsible disclosure
How to report a vulnerability and what to expect from us.
Frameworks and where we stand.
No certification is claimed before it's earned. Statuses are updated as our program matures toward general availability.
| Framework | Scope | Status |
|---|---|---|
| SOC 2 Type II | Security, Availability, Confidentiality | In progress |
| ISO/IEC 27001 | ISMS | Designed for |
| GDPR | EU data protection | Aligned |
| CCPA / CPRA | California privacy | Aligned |
| HIPAA | PHI handling (BAA) | Designed for |
| DPA & SCCs | Processor commitments | Available |
| Penetration test | Third-party annual | Planned pre-GA |
Need a framework not listed, or a completed questionnaire (SIG, CAIQ)? Ask our team.
Request the confidential security package.
Vendor review in flight? We'll set up an NDA and share our architecture overview, data-flow diagrams, subprocessor list, and any completed questionnaires your team uses.
Evaluating HiveKey for your org?
Bring your security questionnaire. We'll get you the answers and walk your team through the enforcement model.