Security & Compliance — UnlockLand
Security & Compliance

Security built into every decision.

The data you bring to UnlockLand — properties, projects, and assumptions — is sensitive. We protect it with encryption, strict access controls, a SOC 2 program, and a disciplined approach to infrastructure and privacy.

Visit Trust Portal Report a vulnerability
Team reviewing compliance in a boardroom
Trusted by serious teams

Enterprise-grade controls your reviewers can verify.

SOC 2 — AICPA SOC for Service Organizations
SOC 2
Type II program
AES-256
Encrypted at rest
TLS 1.2+
Encrypted in transit
GDPR
Privacy aligned
99.9% uptime
Monitored 24/7

How your data is protected, end to end

From your browser to storage, every hop is encrypted and every access is controlled and logged.

Data-protection architecture ALL HOPS ENCRYPTED
You Browser / API client TLS 1.2+ Edge & WAF DDoS + filtering Application RBAC · least privilege Storage AES-256 at rest Continuous monitoring, logging & alerting across every layer — with audited admin actions and automated backups. ENCRYPTED IN TRANSIT ACCESS CONTROLLED ENCRYPTED AT REST

Illustrative architecture — encryption in transit and at rest, with access controls and monitoring throughout.

SOC 2 — AICPA SOC for Service Organizations

SOC 2 compliant

UnlockLand maintains a SOC 2 program aligned to the AICPA Trust Services Criteria for security, availability, and confidentiality. Our controls are independently examined, and our policies, monitoring, and incident response are reviewed on an ongoing basis. You can review our current reports, certifications, and security documentation in our trust portal.

Open the Trust Portal →

How we protect your data

{{ c.tag }}
{{ c.title }}

{{ c.body }}

Encryption everywhere

Data is protected both as it moves and where it lives.

In transit

All traffic between you and UnlockLand is encrypted using TLS. We enforce HTTPS across the platform and APIs so data is never exposed on the wire.

At rest

Stored data is encrypted at rest using industry-standard AES-256. Encryption keys are managed through our cloud provider's key management service with restricted access.

Security controls checklist
18 / 18 in place
Data & encryption
TLS 1.2+ enforced on all traffic
AES-256 encryption at rest
Managed key management service
Customer data segregation
Data minimization by default
Access
Role-based access control (RBAC)
Enforced authentication & SSO
Audited administrative actions
Least-privilege production access
Infrastructure
Network isolation & segmentation
Automated patching
Encrypted, regular backups
Redundant, multi-AZ infrastructure
Published live status page
Operations & governance
SOC 2 program & annual review
Logging, alerting & monitoring
Defined incident response process
Responsible disclosure program

Data privacy by design

We collect only what we need to deliver the product, keep customer data segregated, and never sell your data. Our handling of personal information — including your rights and international transfers — is described in full in our Privacy Policy.

Read the Privacy Policy →

Responsible disclosure

We welcome reports from security researchers. If you believe you have found a vulnerability in UnlockLand, please email security@unlock.land with the details and steps to reproduce. We ask that you give us a reasonable opportunity to investigate and remediate before public disclosure, avoid accessing or modifying data that is not yours, and act in good faith to protect customer privacy. We will acknowledge valid reports and keep you updated through resolution.

Security contact
security@unlock.land

Have a security or compliance question?

Our team can walk your security reviewers through our controls and share documentation under NDA.

Visit Trust Portal Talk to sales