Context | Trust Portal

Live monitoring by Delve

Context Compliance Report

Context is in compliance with security best practices, has implemented and is monitoring comprehensive controls, and maintains policies to outline its security procedures.

Ctrl+K

Compliance Certifications

We maintain the highest industry standards and regularly undergo rigorous third-party audits to ensure compliance.

Compliant

ISO 27001

A global standard that defines best practices for information security management systems (ISMS) — used across industries.

Continuously monitored

Compliant

SOC 2 Type II

Audited controls for security, availability, and confidentiality trust service principles with an observation period.

Last audit: July 2025

Compliant

SOC 2 Type I

Audited controls for security, availability, and confidentiality trust service principles.

Resource Library

Access our security documentation, policies, and compliance reports.

PDF

ISO27001

Compliance report

PDF

SOC 2 Type II

Compliance report

PDF

SOC 2 Type I

Compliance report

PDF

Age Verification and Parental Consent Policy

Age Verification and Parental Consent Policy document

Updated: November 2025

PDF

Personnel Security Policy

Personnel Security Policy document

Updated: November 2025

PDF

Acceptable Use Policy

Acceptable Use Policy document

Updated: November 2025

Security controls

Our comprehensive security program includes controls across multiple domains to protect your data.

Access Control & Authorization

LIVE

Access Control Procedures

Completed

Access Review of Infrastructure

Completed

Employee Handbook

Completed

Compliance with Regulations & Standards

LIVE

Age Verification and Parental/guardian Consent Process

Completed

Anonymization/pseudonymization Process Documentation

Completed

Appointment Agreement for EU Representative

Completed

Data Protection & Privacy

LIVE

Access Control Procedures

Completed

Access Restricted to Modify Infrastructure

Completed

Anonymization/pseudonymization Process Documentation

Completed

Governance & Oversight

LIVE

Anonymization/pseudonymization Process Documentation

Completed

Background Checks

Completed

Cooperation Agreements/data Sharing Frameworks

Completed

IT & Operational Security

LIVE

Alerts and Remediation

Completed

Application Outages

Completed

Asset Register List

Completed

Risk & Compliance Management

LIVE

Access Control Procedures

Completed

Board Charter

Completed

Board Meeting Minutes

Completed

Access Control & Authorization

LIVE

Access Control Procedures

Completed

Access Review of Infrastructure

Completed

Employee Handbook

Completed

Environmental Security Control

Completed

Compliance with Regulations & Standards

LIVE

Age Verification and Parental/guardian Consent Process

Completed

Anonymization/pseudonymization Process Documentation

Completed

Appointment Agreement for EU Representative

Completed

Data Protection & Privacy

LIVE

Access Control Procedures

Completed

Access Restricted to Modify Infrastructure

Completed

Anonymization/pseudonymization Process Documentation

Completed

Asset Register List

Completed

Governance & Oversight

LIVE

Anonymization/pseudonymization Process Documentation

Completed

Background Checks

Completed

Cooperation Agreements/data Sharing Frameworks

Completed

Criminal Data Processing Policy

Completed

IT & Operational Security

LIVE

Alerts and Remediation

Completed

Application Outages

Completed

Asset Register List

Completed

Asset Register Maintaining

Completed

Risk & Compliance Management

LIVE

Access Control Procedures

Completed

Board Charter

Completed

Board Meeting Minutes

Completed

Chief Information Security Officer Appointment

Completed

Access Control & Authorization

LIVE

Access Control Procedures

Completed

Access Review of Infrastructure

Completed

Employee Handbook

Completed

Environmental Security Control

Completed

Compliance with Regulations & Standards

LIVE

Age Verification and Parental/guardian Consent Process

Completed

Anonymization/pseudonymization Process Documentation

Completed

Appointment Agreement for EU Representative

Completed

Data Protection & Privacy

LIVE

Access Control Procedures

Completed

Access Restricted to Modify Infrastructure

Completed

Anonymization/pseudonymization Process Documentation

Completed

Asset Register List

Completed

Governance & Oversight

LIVE

Anonymization/pseudonymization Process Documentation

Completed

Background Checks

Completed

Cooperation Agreements/data Sharing Frameworks

Completed

Criminal Data Processing Policy

Completed

IT & Operational Security

LIVE

Alerts and Remediation

Completed

Application Outages

Completed

Asset Register List

Completed

Asset Register Maintaining

Completed

Risk & Compliance Management

LIVE

Access Control Procedures

Completed

Board Charter

Completed

Board Meeting Minutes

Completed

Chief Information Security Officer Appointment

Completed

Showing 6 of 7 control categories

Subprocessors directory

We carefully select and monitor all third-party services that process data on our behalf.

Anthropic

AI & ML Services

Supabase

Data Stores & Warehouses

Reducto Document Ingestion API

Custom Integration

Virtual Machines for AI Agents

Custom Integration

Trigger.dev

Custom Integration

Fly.io

Cloud Infrastructure & Platform Services

Showing 6 of 9 subprocessors

Frequently Asked Questions

Find answers to common questions about our security and compliance practices.

Our Security Commitment

At Context, security isn't just a feature—it's foundational to everything we build. Our security-first mindset drives our development processes, infrastructure decisions, and organizational policies. We treat the data entrusted to us—whether from our customers, their end users, or anyone who interacts with our organization—with the utmost care and responsibility. Security is embedded in our DNA, enabling us to deliver innovative solutions without compromising on protection.

Monitored by

Live monitoring by Delve

Context Compliance Report

Context is in compliance with security best practices, has implemented and is monitoring comprehensive controls, and maintains policies to outline its security procedures.

Ctrl+K

Compliance Certifications

We maintain the highest industry standards and regularly undergo rigorous third-party audits to ensure compliance.

Compliant

ISO 27001

A global standard that defines best practices for information security management systems (ISMS) — used across industries.

Continuously monitored

Compliant

SOC 2 Type II

Audited controls for security, availability, and confidentiality trust service principles with an observation period.

Last audit: July 2025

Compliant

SOC 2 Type I

Audited controls for security, availability, and confidentiality trust service principles.

Resource Library

Access our security documentation, policies, and compliance reports.

PDF

ISO27001

Compliance report

PDF

SOC 2 Type II

Compliance report

PDF

SOC 2 Type I

Compliance report

PDF

Age Verification and Parental Consent Policy

Age Verification and Parental Consent Policy document

Updated: November 2025

PDF

Personnel Security Policy

Personnel Security Policy document

Updated: November 2025

PDF

Acceptable Use Policy

Acceptable Use Policy document

Updated: November 2025

Security controls

Our comprehensive security program includes controls across multiple domains to protect your data.

Access Control & Authorization

LIVE

Access Control Procedures

Completed

Access Review of Infrastructure

Completed

Employee Handbook

Completed

Compliance with Regulations & Standards

LIVE

Age Verification and Parental/guardian Consent Process

Completed

Anonymization/pseudonymization Process Documentation

Completed

Appointment Agreement for EU Representative

Completed

Data Protection & Privacy

LIVE

Access Control Procedures

Completed

Access Restricted to Modify Infrastructure

Completed

Anonymization/pseudonymization Process Documentation

Completed

Governance & Oversight

LIVE

Anonymization/pseudonymization Process Documentation

Completed

Background Checks

Completed

Cooperation Agreements/data Sharing Frameworks

Completed

IT & Operational Security

LIVE

Alerts and Remediation

Completed

Application Outages

Completed

Asset Register List

Completed

Risk & Compliance Management

LIVE

Access Control Procedures

Completed

Board Charter

Completed

Board Meeting Minutes

Completed

Access Control & Authorization

LIVE

Access Control Procedures

Completed

Access Review of Infrastructure

Completed

Employee Handbook

Completed

Environmental Security Control

Completed

Compliance with Regulations & Standards

LIVE

Age Verification and Parental/guardian Consent Process

Completed

Anonymization/pseudonymization Process Documentation

Completed

Appointment Agreement for EU Representative

Completed

Data Protection & Privacy

LIVE

Access Control Procedures

Completed

Access Restricted to Modify Infrastructure

Completed

Anonymization/pseudonymization Process Documentation

Completed

Asset Register List

Completed

Governance & Oversight

LIVE

Anonymization/pseudonymization Process Documentation

Completed

Background Checks

Completed

Cooperation Agreements/data Sharing Frameworks

Completed

Criminal Data Processing Policy

Completed

IT & Operational Security

LIVE

Alerts and Remediation

Completed

Application Outages

Completed

Asset Register List

Completed

Asset Register Maintaining

Completed

Risk & Compliance Management

LIVE

Access Control Procedures

Completed

Board Charter

Completed

Board Meeting Minutes

Completed

Chief Information Security Officer Appointment

Completed

Access Control & Authorization

LIVE

Access Control Procedures

Completed

Access Review of Infrastructure

Completed

Employee Handbook

Completed

Environmental Security Control

Completed

Compliance with Regulations & Standards

LIVE

Age Verification and Parental/guardian Consent Process

Completed

Anonymization/pseudonymization Process Documentation

Completed

Appointment Agreement for EU Representative

Completed

Data Protection & Privacy

LIVE

Access Control Procedures

Completed

Access Restricted to Modify Infrastructure

Completed

Anonymization/pseudonymization Process Documentation

Completed

Asset Register List

Completed

Governance & Oversight

LIVE

Anonymization/pseudonymization Process Documentation

Completed

Background Checks

Completed

Cooperation Agreements/data Sharing Frameworks

Completed

Criminal Data Processing Policy

Completed

IT & Operational Security

LIVE

Alerts and Remediation

Completed

Application Outages

Completed

Asset Register List

Completed

Asset Register Maintaining

Completed

Risk & Compliance Management

LIVE

Access Control Procedures

Completed

Board Charter

Completed

Board Meeting Minutes

Completed

Chief Information Security Officer Appointment

Completed

Showing 6 of 7 control categories

Subprocessors directory

We carefully select and monitor all third-party services that process data on our behalf.

Anthropic

AI & ML Services

Supabase

Data Stores & Warehouses

Reducto Document Ingestion API

Custom Integration

Virtual Machines for AI Agents

Custom Integration

Trigger.dev

Custom Integration

Fly.io

Cloud Infrastructure & Platform Services

Showing 6 of 9 subprocessors

Frequently Asked Questions

Find answers to common questions about our security and compliance practices.

Our Security Commitment

Monitored by

Compliance Certifications

ISO 27001

SOC 2 Type II

SOC 2 Type I

Resource Library

ISO27001

SOC 2 Type II

SOC 2 Type I

Age Verification and Parental Consent Policy

Personnel Security Policy

Acceptable Use Policy

Security controls

Access Control & Authorization

Compliance with Regulations & Standards

Data Protection & Privacy

Governance & Oversight

IT & Operational Security

Risk & Compliance Management

Access Control & Authorization

Compliance with Regulations & Standards

Data Protection & Privacy

Governance & Oversight

IT & Operational Security

Risk & Compliance Management

Access Control & Authorization

Compliance with Regulations & Standards

Data Protection & Privacy

Governance & Oversight

IT & Operational Security

Risk & Compliance Management

Subprocessors directory

Anthropic

Supabase

Reducto Document Ingestion API

Virtual Machines for AI Agents

Trigger.dev

Fly.io

Frequently Asked Questions

How are emergency changes handled?

How do you monitor vendor performance and compliance?

What is your approach to security patching?

How do we manage risks associated with third-party vendors?

What safeguards exist for source code changes?

What background verification is performed for new personnel?

Our Security Commitment

Compliance Certifications

ISO 27001

SOC 2 Type II

SOC 2 Type I

Resource Library

ISO27001

SOC 2 Type II

SOC 2 Type I

Age Verification and Parental Consent Policy

Personnel Security Policy

Acceptable Use Policy

Security controls

Access Control & Authorization

Compliance with Regulations & Standards

Data Protection & Privacy

Governance & Oversight

IT & Operational Security

Risk & Compliance Management

Access Control & Authorization

Compliance with Regulations & Standards

Data Protection & Privacy

Governance & Oversight

IT & Operational Security

Risk & Compliance Management

Access Control & Authorization

Compliance with Regulations & Standards

Data Protection & Privacy

Governance & Oversight

IT & Operational Security

Risk & Compliance Management

Subprocessors directory

Anthropic

Supabase

Reducto Document Ingestion API

Virtual Machines for AI Agents