AltitudeIQ provides enterprise data quality software designed to operate inside customer-controlled environments. For details on personal information handling, see our Privacy Policy.
Compliance Posture
AltitudeIQ operates in alignment with the SOC 2 Trust Services Criteria. A formal SOC 2 readiness assessment is underway. AltitudeIQ is not currently SOC 2 certified.
For HIPAA-regulated customers, AltitudeIQ enters into Business Associate Agreements and operates as a Business Associate under HIPAA. AltitudeIQ is not a system of record. Customers retain regulatory validation responsibility for activities conducted in their environments.
Data Handling
Customer production data remains within customer-controlled cloud environments. AltitudeIQ does not extract, transmit, or store customer data outside the customer environment unless expressly authorized in writing. Customer data is not used to train models for other customers.
Incident Response and Breach Notification
AltitudeIQ maintains a documented incident response process. Breach notification timelines are governed by executed Business Associate Agreements and Master Services Agreements. HIPAA regulatory notification of a breach of unsecured Protected Health Information is provided within 60 calendar days, as required by 45 CFR § 164.404.
Vulnerability Disclosure
To report a suspected security vulnerability, email security@altitudeiq.ai. Reports are reviewed and triaged based on severity. Please do not include Protected Health Information, customer data, or production credentials in vulnerability reports.
Scope and Limitations
This page describes AltitudeIQ's compliance posture as of the date below and does not constitute legal advice, contractual commitment, or warranty. Specific commitments to a customer are governed by that customer's executed Master Services Agreement, Business Associate Agreement, and Data Processing Agreement.
Contact
For compliance and governance inquiries — including sub-processor information, AI governance details, and procurement diligence requests: