Skip to main content
B2BERP
Back to subscriptions

Trust & Compliance

Last Updated: May 27, 2026

At B2BERP, we maintain strict security, operational transparency, and regulatory compliance. We build our platform to protect enterprise data and help your business meet regional requirements worldwide.

1. Security Architecture

We secure your enterprise data using multi-layered physical and technical controls:

  • Data Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256.
  • Tenant Isolation: Every enterprise client operates in a logically isolated environment to prevent cross-contamination.
  • Audit Logging: Immutable system logs track all user actions, data edits, and access attempts.
  • High Availability: Our application architecture relies on redundant backups across geographically distributed data centers.

2. Global Regulatory Compliance

Our framework aligns with primary data protection standards across global jurisdictions:

United States (State-Level Laws)

  • Status: We act as a Service Provider under the CCPA/CPRA and similar comprehensive US state laws.
  • Data Processing: We handle data strictly to deliver contracted B2B services.
  • Data Selling: B2BERP does not sell corporate or personal information to third parties.

European Union & United Kingdom (GDPR)

  • Status: We operate as a Data Processor for your hosted enterprise operational records.
  • Legal Transfers: We secure international data transfers outside the EEA using standard contractual clauses (SCCs).
  • Subprocessors: We execute strict data processing agreements (DPAs) with infrastructure providers.

Other Jurisdictions

  • Global Scope: Our data infrastructure fulfills regional requirements for Canada (PIPEDA), Brazil (LGPD), and Australia (Privacy Act).

3. Core Commitments & Exclusions

We maintain a transparent service footprint by clearly defining our operating limits:

  • No Mobile Infrastructure: We do not deploy mobile apps, eliminating device tracking risks.
  • No Third-Party Integrations: Your information stays entirely within our isolated core hosting infrastructure.
  • Data Restriction: B2BERP does not host or process protected health information (HIPAA) or restricted government contracts.

4. Enterprise Compliance Resources

We provide documents to streamline your organization's internal compliance audits:

  • Standard DPA: Review or sign our Data Processing Agreement by contacting our team.
  • Subprocessor Directory: Access a verified index of our infrastructure partners.

For compliance questions, please contact our team.