Wenme

GDPR & SOC 2 Compliance

LoneSock's Wenme platform is designed with compliance at its core. Our 100% passwordless architecture eliminates common compliance risks while meeting the strictest regulatory requirements.

GDPR Compliance

General Data Protection Regulation (EU) 2016/679

Data Subject Rights

  • Right to Access
    Export your data anytime via profile settings
  • Right to Rectification
    Update your information instantly in your profile
  • Right to Erasure
    Delete account and all data within 30 days
  • Right to Portability
    Download data in machine-readable format

Privacy by Design

  • Data Minimization
    We only collect essential authentication data
  • Purpose Limitation
    Data used only for authentication and security
  • Storage Limitation
    Automatic data retention policies
  • No Password Storage
    Eliminates password breach risks entirely

GDPR Compliant Since Day One

Our architecture was designed with GDPR principles from the ground up, not retrofitted for compliance.

SOC 2 Type II Ready

Service Organization Control 2 - Trust Service Criteria

Trust Service Criteria

Security
Protection against unauthorized access
  • Multi-factor authentication mandatory for all accounts
  • Encrypted data at rest (AES-256-GCM) and in transit (TLS 1.3)
  • Regular security assessments and penetration testing
  • 24/7 security monitoring and incident response
Availability
System accessibility and operational performance
  • 99.99% uptime SLA guarantee
  • Multi-region deployment with automatic failover
  • Real-time system monitoring and alerting
  • Disaster recovery and business continuity plans
Processing Integrity
Complete, valid, accurate, and authorized processing
  • Input validation on all data entry points
  • Comprehensive audit logging of all transactions
  • Automated testing and quality assurance
  • Change management and version control
Confidentiality
Protection of confidential information
  • Role-based access control (RBAC)
  • Data classification and handling procedures
  • Non-disclosure agreements for all personnel
  • Secure data disposal and retention policies
Privacy
Personal information lifecycle management
  • Explicit consent for data collection
  • User control over personal information
  • Data subject rights enforcement
  • Privacy impact assessments

Additional Compliance Standards

HIPAA Ready

Healthcare compliance with PHI protection, audit controls, and BAA availability

PCI DSS

Payment card security with tokenization and secure authentication

ISO 27001

Information security management system standards

CCPA Compliant

California Consumer Privacy Act with data rights management

NIST Framework

Cybersecurity framework implementation

FIDO Certified

FIDO2/WebAuthn certified implementation

Audit Reports & Documentation

Available Reports

  • SOC 2 Type II Report (Annual)
  • Penetration Test Results (Quarterly)
  • GDPR Compliance Attestation
  • Security Whitepaper

Request Access

Enterprise customers can request access to our compliance documentation and audit reports under NDA.

Compliance Team Contact

For compliance inquiries or audit requests, contact: compliance@lonesock.pro

The Zero-Password Compliance Advantage

By eliminating passwords entirely, LoneSock's Wenme platform automatically prevents the most common compliance violations and security breaches.

0%

Risk of password breach

100%

Phishing resistant

Password complexity (no passwords!)