Enterprise security.
SOC 2 Type II, ISO 27001, end-to-end encryption, and Gulf data residency.
Certifications & compliance
SOC 2 Type II
Annual independent audit of security and availability controls.
ISO 27001
Certified information security management system.
PDPL Ready
Compliance tooling for Saudi data protection law.
Meta Tech Provider
Certified Meta Business Solutions partner.
Encryption & protection
Encryption at rest and in transit
AES-256 at rest, TLS 1.3 in transit for all data.
Key management
AWS KMS with automatic rotation and per-tenant separation.
Data residency
Choose Riyadh or Dubai — no cross-region transfer without consent.
Audit & access control
RBAC, full audit logs, and mandatory 2FA for admins.
Our commitment
Customer data security is not a feature — it's the foundation. Every engineer completes annual security training.
We run quarterly penetration tests and share summary results with Enterprise customers.
For DPA requests or security questionnaires: legal@yexa.pro