Security & compliance

Trust center.

Memrov is built on HIPAA-eligible AWS infrastructure with end-to-end encryption and private-by-default storage. This page covers our compliance programs, subprocessors, and infrastructure posture.

Take the personality testInfrastructure detailsVerified by TrustCloud
Compliance programs

Certifications

SOC 2
SOC 2Type I
In progress
SOC 2
SOC 2Type II
In progress

We are actively pursuing SOC 2 attestation. Reach out at security@memrov.com to request a copy once available.

Infrastructure

Built on AWS. Secure by default.

Encryption at rest & in transit

All data encrypted with customer-managed AWS KMS keys. TLS enforced end-to-end.

HIPAA-eligible services only

Every AWS service we use is on AWS's published HIPAA-eligible list — no exceptions.

Four isolated encryption keys

Identity, clinical, research, and operational data each use a dedicated KMS key.

Full infrastructure and security details →
Subprocessors

Third-party services

Memrov uses the following third-party services to deliver and operate the product. We require all subprocessors to maintain appropriate security standards.

GitHub
GitHubDevelopment

Source code hosting and version control.

github.com
Google
GoogleProductivity

Workspace and productivity tools.

workspace.google.com
Stripe
StripePayments

Payment processing and billing.

stripe.com
Microsoft
MicrosoftProductivity

Productivity and identity services.

microsoft.com
TrustCloud
TrustCloudCompliance

Security compliance and trust center management.

trustcloud.ai
Amazon Web Services
Amazon Web ServicesInfrastructure

Primary cloud infrastructure — compute, storage, and encryption.

aws.amazon.com
L
LangfuseAI Observability

LLM observability, tracing, and evaluation.

langfuse.com

Questions about our security posture?

Reach out to security@memrov.com for security reviews, NDA-gated documents, or infrastructure questions.

Get your personality reportOpen TrustShare