Trust & Security
Built for the scrutiny of security teams.
Desklyx handles millions of customer conversations a day across regulated industries. Our security program is designed to meet the bar of the most demanding IT, legal, and compliance reviews.
SOC 2 Type II
Independently audited annually across security, availability, and confidentiality. Report available under NDA.
Encryption everywhere
TLS 1.3 in transit, AES-256 at rest, and envelope-encrypted customer attachments in isolated buckets.
SSO + SCIM
SAML 2.0 and OIDC single sign-on with SCIM 2.0 user provisioning on Pro and Enterprise plans.
Data residency
Choose US, EU, or APAC data residency on Enterprise. Your customer data never leaves the region you select.
Audit logs
Every admin action, role change, and data export is logged. Stream to your SIEM via webhook or SFTP.
Dedicated infrastructure
Enterprise customers can opt into a single-tenant deployment with customer-managed encryption keys.
Compliance & certifications
SOC 2 Type II
Covering security, availability, and confidentiality. Reviewed annually by an independent CPA firm.
GDPR
EU data residency available. DPAs signed by default for all paying customers.
HIPAA
BAAs available on the Enterprise plan for covered entities and business associates.
ISO 27001
Certification in progress, expected completion within the current fiscal year.
PCI DSS
We never store card data. Payments are handled by our PCI Level 1 processor.
CCPA
Full data access and deletion workflows for California residents, served in under 30 days.
Need our security package?
We can share our SOC 2 report, pen test summary, questionnaire responses (SIG, CAIQ), and DPA under NDA. Most reviews close in under two weeks.