Trust & Security
Everything you need to answer security, compliance, and data privacy questions from prospects. Use this page to build confidence during the sales process.
Komo Trust Center
Share this link with prospects who need security documentation, compliance certificates, and policy details — komo.trust.site
Compliance Certifications
SOC 2 Type 1
Compliant
ISO 27001
Compliant
GDPR
Compliant
UK GDPR
Compliant
Trusted By
Komo is trusted by enterprise brands across media, insurance, real estate, sport, and entertainment.
Foxtel
QBE
iHeart Media
JLL
ReedPop
NRL
Security Posture
Data encrypted in transit (TLS 1.3) and at rest
Hosted on Google Cloud Platform (GKE) with Cloudflare CDN/DDoS protection
3 availability zones for redundancy
Regular external penetration testing
Continuous vulnerability scanning of Docker containers
Code reviews before all changes
Security keys automatically rotated
VPN-protected infrastructure — only web traffic ports exposed
12 Factor Application principles
99.97% uptime over the last 12 months
Data Ownership & Privacy
You Own Your Data
Komo does not claim rights to customer data. You own all data collected through the platform. Komo acts as a data processor, not a data controller.
You Control Data Collection
You decide what data Komo collects via fully customizable forms. Only the fields you configure are captured — nothing more.
Access & Sharing
- Komo support staff can access data only to provide support
- Data shared only with trusted third parties required for service delivery
Sub-processors
Google — Hosting
Cloudflare — CDN & Security
Datadog — Monitoring
Twilio — SMS
ActiveCampaign — Email
Postmark — Email
Regulatory Compliance
- GDPR and CCPA compliant
- Cookie consent integration (OneTrust supported)
- Happy to sign Data Processing Agreements (DPA) — contact security@komo.tech