We Have Commenced Our SOC 2 Type 2 and GDPR Certification Processes
We are proud to announce that Ur AI has commenced both its SOC 2 Type 2 and GDPR certification processes through Vanta, with the SOC 2 audit engagement scheduled to begin on March 27, 2026. This marks our continued commitment to enterprise-grade security and data privacy.
Tokyo, Japan — February 26, 2026 — We are proud to announce that Ur AI has commenced both its SOC 2 Type 2 and GDPR certification processes, in partnership with Vanta. The SOC 2 formal audit engagement is scheduled to begin on March 27, 2026.
Security and Privacy, Together
Following our ISO 27001 certification in January 2026, SOC 2 Type 2 and GDPR are the natural next steps. Where ISO 27001 establishes the framework of our information security management system, SOC 2 Type 2 provides evidence that our controls have operated effectively over time. GDPR compliance adds the dimension of data privacy — ensuring that how we handle personal data meets the highest regulatory standard globally.
Together, these three frameworks form a comprehensive security and compliance posture: a management system (ISO 27001), operational evidence of sustained controls (SOC 2 Type 2), and data privacy governance (GDPR). For enterprise customers entrusting Specter with sensitive deal data across multiple jurisdictions, this is not a nice-to-have — it is what due diligence on a vendor demands.
Continuous Monitoring via Vanta
We have partnered with Vanta — a leading trust management platform — to run continuous control monitoring across our infrastructure ahead of both audits. Ur AI's real-time security posture, including security collateral, policies, and achieved compliance frameworks, is publicly visible at our Vanta trust page linked below.
Sources
Every step we take on security and privacy — ISO 27001, SOC 2 Type 2, GDPR, continuous monitoring — is about earning and keeping the trust of the customers who rely on us for their most sensitive work.
What Comes Next
The SOC 2 audit observation period begins March 27, 2026. We will share updates on both the SOC 2 Type 2 and GDPR processes as they progress, and expect to complete both in the second half of 2026. In the meantime, enterprise customers and prospects can review our live security posture and available compliance documentation directly through our Vanta trust page.
Ur AI's real-time security posture — including SOC 2 and GDPR progress — is publicly available via Vanta. Reach out to our team for enterprise security documentation.
Frequently Asked Questions
What is SOC 2 Type 2 certification?
SOC 2 Type 2 is an independent audit framework that evaluates whether a company's security controls have operated effectively over a defined observation period — typically six to twelve months. Unlike Type 1 (which assesses controls at a point in time), Type 2 provides evidence of sustained security practices. It is one of the most widely recognized security certifications for enterprise software vendors.
Why is GDPR compliance important for Specter?
GDPR (General Data Protection Regulation) is the EU's data privacy framework governing how personal data is collected, processed, and stored. As Specter serves enterprise customers across Europe and beyond, GDPR compliance ensures our platform meets the highest standards for data subject rights, consent, and data handling — giving our customers the confidence to use Specter in cross-border transactions involving EU-related data.
What is Vanta?
Vanta is a trust management platform that automates security monitoring, evidence collection, and compliance workflows. By partnering with Vanta, Ur AI has continuous visibility into our security posture across SOC 2, GDPR, and other compliance frameworks — with real-time monitoring in place ahead of the formal audits.
