Security and privacy, built in
Ingest Labs is built for enterprises that demand the highest standards of data protection. SOC 2 Type II certified, GDPR, CCPA, and HIPAA compliant — with flexible deployment options that keep your data exactly where you need it.
SOC 2 Type II
GDPR
CCPA
Our security principles
Every feature, integration, and deployment option is built around four foundational commitments.
Data stays yours
Your data is never shared, sold, or used to train models. You own it, you control it, you delete it when you want.
Deploy anywhere
Choose where your infrastructure runs — US, EU, APAC, or any cloud region. Data residency is in your hands.
Encrypted everywhere
TLS 1.2+ in transit, AES-256 at rest. Bring your own encryption keys for complete key ownership.
Transparent by default
Full audit trails, real-time monitoring, and detailed access logs. See exactly who did what and when.
Compliance & certifications
Independently audited and continuously monitored to meet the frameworks your security team requires.
SOC 2 Type II
Ingest Labs maintains an active SOC 2 Type II certification, audited annually by an independent third-party firm. Our report covers security, availability, and confidentiality trust service criteria — verifying that our controls are not just designed correctly but operating effectively over time.
Enterprise customers can request a copy of our latest SOC 2 report.
GDPR
Ingest Labs is fully compliant with the EU General Data Protection Regulation. We act as a data processor, execute Data Processing Agreements (DPAs), support data subject access and deletion requests, and offer EU-based deployment options so personal data never leaves the region.
DPA available on request for all customers.
CCPA / CPRA
Ingest Labs supports compliance with the California Consumer Privacy Act and its successor, the California Privacy Rights Act. We provide tools for honoring consumer opt-out requests, data deletion, and do-not-sell signals — integrated directly into the server-side tracking pipeline.
Consent enforcement built into Event IQ and Ingest IQ.
HIPAA
For healthcare and life sciences customers, Ingest Labs supports HIPAA compliance. We sign Business Associate Agreements (BAAs), enforce PHI-specific access controls, and offer dedicated deployments with encryption and audit logging that meets HIPAA's administrative, physical, and technical safeguard requirements.
BAA available for dedicated deployment customers.
Your data stays where it belongs
Most platforms force you to move data into their cloud. Ingest Labs gives you the choice — multi-tenant for speed, or a fully dedicated deployment so your data never leaves your environment.
Multi-Tenant Cloud
Shared infrastructure with strict logical isolation. Get started in minutes with enterprise-grade security built in — no infrastructure to manage.
- SOC 2 Type II certified infrastructure
- Tenant-level data isolation and encryption
- 99.9% uptime SLA
- Automatic updates and maintenance
- US and EU region options
Dedicated Deployment
Your own isolated infrastructure in your preferred cloud region. Full control over data residency, networking, and encryption — your data never leaves your environment.
- Fully isolated single-tenant infrastructure
- Choose any AWS, Azure, or GCP region
- VPC peering & AWS PrivateLink support
- Bring your own encryption keys (BYOK)
- Custom domain, dedicated IPs, SSO enforcement
- 99.95% uptime SLA + BAA for HIPAA
Stop moving data to your vendor. Move processing to your data.
Traditional analytics and tracking platforms require you to send all your customer data to their infrastructure. Every transfer creates risk — regulatory exposure, latency, and loss of control.
Ingest Labs flips this model. With dedicated deployments, your data stays in your cloud environment. We bring the processing, enrichment, and routing to where your data already lives — so nothing moves unless you want it to.
Data residency
Pick the exact region. US-East, EU-West, APAC, or your own VPC. Data never crosses borders without your explicit configuration.
No data migration
Stop ETL-ing data into yet another vendor's warehouse. Ingest Labs processes events at the edge and routes them to your existing destinations.
Private connectivity
VPC peering and PrivateLink keep traffic off the public internet entirely. Data flows directly between your cloud and ours.
Enterprise security capabilities
Built-in security features that your InfoSec team will appreciate — not bolt-ons added after the fact.
SSO & SAML
Enforce single sign-on via Entra ID, Okta, or any SAML 2.0 provider. Centralize access management through your identity provider.
Role-Based Access Control
Granular permissions with predefined roles — Admin, Editor, Viewer — plus custom roles for fine-grained control over who can access what.
Audit Logs
Complete audit trail of every configuration change, login event, and data access. Exportable for your SIEM or compliance reporting.
Encryption & Key Management
AES-256 at rest, TLS 1.2+ in transit. Dedicated customers can bring their own keys via AWS KMS, Azure Key Vault, or GCP Cloud KMS.
Consent Enforcement
Server-side consent checks integrated with OneTrust, Consentmo, and custom consent solutions. Events are filtered at the source before reaching any destination.
Data Retention Controls
Configure how long data is retained, automate deletion schedules, and handle data subject requests directly from the platform. Full lifecycle control.
Infrastructure you can trust
Built on world-class cloud infrastructure with redundancy, monitoring, and incident response baked into every layer.
Uptime SLA across all deployment options
Distributed across availability zones with automatic failover
Monitoring, alerting, and on-call incident response
Edge processing latency for real-time event routing
Frequently Asked Questions
Is Ingest Labs SOC 2 Type II certified?
Yes. Ingest Labs maintains an active SOC 2 Type II certification, audited annually by an independent third-party firm. Our report covers security, availability, and confidentiality trust service criteria. Enterprise customers can request a copy of our latest report.
How does Ingest Labs handle GDPR compliance?
Ingest Labs is fully GDPR compliant. We act as a data processor, offer Data Processing Agreements (DPAs), support data subject access and deletion requests, and provide EU-based deployment options so personal data never leaves the region.
Can we keep our data in a specific region?
Yes. With dedicated deployments, you choose exactly where your infrastructure runs — US, EU, APAC, or any AWS/Azure/GCP region. Data residency is fully under your control, meeting even the strictest regulatory requirements.
What is the difference between multi-tenant and dedicated deployment?
Multi-tenant runs on shared infrastructure with strict logical isolation between customers — ideal for fast onboarding and cost efficiency. Dedicated deployment gives you your own isolated infrastructure, custom domain, dedicated IP ranges, and the ability to connect directly to your cloud VPC. Both options are SOC 2 compliant.
Does Ingest Labs support HIPAA?
Yes. Ingest Labs supports HIPAA compliance for healthcare and life sciences customers. We sign Business Associate Agreements (BAAs), enforce PHI-specific access controls, and offer dedicated deployments with encryption and audit logging that meets HIPAA requirements.
How does Ingest Labs handle data encryption?
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256. Dedicated deployment customers can bring their own encryption keys (BYOK) via AWS KMS, Azure Key Vault, or GCP Cloud KMS for full key ownership.
Can Ingest Labs connect to our private cloud network?
Yes. Dedicated deployments support VPC peering and AWS PrivateLink, so data flows directly between your cloud environment and Ingest Labs without traversing the public internet.
What uptime does Ingest Labs guarantee?
Ingest Labs maintains a 99.9% uptime SLA for multi-tenant customers and 99.95% for dedicated deployments. Our infrastructure is distributed across multiple availability zones with automatic failover.
Ready to see our security posture firsthand?
Talk to our team about compliance requirements, deployment options, and how Ingest Labs fits your security program.