Skip to main content
eshopOS
Trust Center

Compliance Controls

These controls summarize the operating documentation behind the trust badges shown on the marketing site. Formal certification claims stay separate from self-assessed control positions.

GDPR Compliant

Self-assessed privacy controls, consent records, rights workflows, retention practices, and processor terms support the platform's GDPR compliance position.

Privacy PolicyData Processing AgreementGDPR controls baselineData subject request workflows

ISO 27001 Ready

The platform maintains an operating security baseline and documented path toward a formal ISMS. This is readiness, not a certificate claim.

Information security policyRisk baselineIncident response expectationsSecurity control documentation

99.9% Uptime SLA

The hosted platform operates against a 99.9% monthly uptime target for covered public commerce services, backed by health checks, monitoring, and a public status page.

Uptime SLA documentPublic status pageHealth and readiness endpointsDeployment monitoring

Payment Security Boundary

Card and wallet collection should be handled by supported payment providers and hosted payment experiences. Merchants must not upload sensitive cardholder data into platform content fields.

Payments and Payouts guideAcceptable Use PolicyProvider-hosted payment flowsPCI scope documentation

Related documents

Privacy PolicyData ProcessingPayments and PayoutsInfrastructure AnnexSystem Status