Loading
Enterprise — Trust Center
Security, compliance, and operational transparency for teams that need more than a promise.
Security posture
Hosted on Vercel (SOC 2 Type II, ISO 27001) with Supabase (SOC 2 Type II, AES-256 encryption at rest). Enterprise-grade infrastructure without the overhead.
CSRF protection on every API route, input validation and HTML escaping on all form data, IP-based rate limiting, and strict CSP, HSTS, X-Frame-Options, and nosniff headers.
TLS 1.3 for all data in transit. AES-256 encryption at rest via our infrastructure partners. No plaintext secrets in code — all credentials managed via environment variables.
Environment variables managed through Vercel with role-based access. API key rotation policies enforced. Least-privilege principle applied across all services and team members.
Real-time error tracking with automated alerting. Uptime monitoring across all production endpoints. Anomaly detection for traffic spikes and suspicious patterns.
24-hour response SLA for security incidents. Documented escalation path from engineering to leadership. Post-incident reviews with root cause analysis and remediation timelines.
Compliance
India IT Act 2000
Compliant
SPDI Rules 2011
Compliant
GDPR-aware practices
Compliant
HIPAA-aware development
Available on request
PCI DSS awareness
No payment data stored
SOC 2 Type II
Via infrastructure partners (Vercel, Supabase)
SLA tiers
IP & Code Ownership
We believe in clean ownership. When you pay for work, you own the result — no licensing tricks, no proprietary frameworks, no lock-in. Period.
All deliverables — source code, designs, documentation, and databases — transfer to the client on full payment.
NDAs signed before any detailed technical or business discussions begin.
Professional indemnity insurance carried for all active engagements.
No vendor lock-in: we build on standard, open-source stacks (Next.js, React, Node.js, Python, PostgreSQL).
Clean handover documentation provided at project completion.
Data residency
Application hosting
Vercel (US-East default, with EU and APAC region options)
Database
Supabase (configurable region — US, EU, Singapore, Sydney)
Resend (US)
Data retention
No client data stored beyond project lifecycle + 3 years
Data deletion
Available on request with written confirmation
Vendor information
Registered name
Udaan Technologies Pvt. Ltd.
CIN / Registration
Available on request
Founded
2014
Registered Office
22/324, New Moti Nagar, Delhi - 110015, India
Professional Indemnity Insurance
Yes
DUNS Number
Available on request
SOC 2 reports, vendor assessment packages, security questionnaire responses, and compliance documentation — available on request. Email trust@udaantechnologies.com or use the button to get started.
Or book a free 30-minute discovery call
( we reply within one business day )