background-image
Start your security review
View & download sensitive information
Ask for information
ControlK

At Hypatos, keeping our customers' documents and data safe sits at the core of everything we do.

Our security program is led by a dedicated team and built on an ISO 27001-certified ISMS, with ISO 27017 and ISO 27018 extensions for cloud and privacy. It is independently verified by a SOC 2 Type II attestation covering Security, Availability, and Confidentiality, with mappings to HIPAA and BSI C5. We process personal data in accordance with GDPR, and we make a completed CAIQ available on request for full transparency. Effectiveness is maintained through continuous monitoring in our compliance platform, reinforced by regular internal reviews, third-party audits, and independent penetration testing.

For more information, reach out to our Security team at security@hypatos.ai.

Documents

COMPLIANCESOC 2 Type 2

Product Security

We pay great attention to enterprise features such as access control and single sign on. We are happy to provide more details about our enterprise features upon request.

Data Security

We follow industry best practices for data security. We are happy to provide more details about our data security practices upon request.

App Security

We take application security seriously and are putting together a program to monitor internal apps.

AI

We take the usage of AI seriously in our organization and work to ensure security and reliability of the AI.

Data Privacy

Privacy of customer data is top of mind. We follow industry best practices and follow all applicable privacy regulations.

Access Control

Access is tightly monitored and controlled at our company. We are happy to provide more details about our access control practices upon request.

Infrastructure

We take great care to work with best-in-class infrastructure providers that provide secure computing and storage. We are happy to provide more details about our infrastructure upon request.

Endpoint Security

We follow industry best practices for endpoint security. We are happy to provide more details about our endpoint security practices upon request.

Network Security

We protect our corporate network against external & internal threats.

Corporate Security

We implement internal measures and practices to maintain a high standard of security.

Policies

We are currently working with experts to put together our company policies. Please contact us for more details.

Incident Response

We have a dedicated team that responds to security incidents. We are happy to provide more details about our incident response practices upon request.

Risk Management

We have a dedicated team that manages security risks. We are happy to provide more details about our risk management practices upon request.

Asset Management

We have strict asset management policies in place to ensure that all assets are accounted for and secure.

BC/DR

We have a business continuity plan in place to ensure that we can continue to operate in the event of a disaster.

Training

We provide security awareness training to all employees to ensure that they are aware of security best practices.

Change Management

We have a change and configuration management process in place to ensure that changes are properly reviewed and approved.

Continuous Monitoring

We continuously monitor our systems for security threats and vulnerabilities. We are happy to provide more details about our continuous monitoring practices upon request.

If you think you may have discovered a vulnerability, please send us a note.
Report issue
Built onSafeBase by Drata Logo

Hypatos enables The Agentic GBS with AI agents that execute end-to-end processes across P2P & O2C - making decisions within human-set boundaries and scaling operations without headcount growth. We put process ownership in the hands of business leaders, elevating organizations from support providers to business partners. Results: 90%+ straight-through processing, 6-9 month ROI, and 20x productivity gains. Trusted by enterprises in Europe and North America, with hubs in Berlin, Miami, and New York, and teams across 15+ countries.