SPNT
Book a Demo

Trust Center

Trust, verifiable.

Serpentine is built for security teams. We secure your security data with the same rigor you bring to your own infrastructure.

Request Security DocumentsBook a Demo

Data Residency

EU-hosted infrastructure

EU-hosted by default. Designed for EU data residency. Infrastructure and subprocessors are documented in the Trust Center.

Primary Region

Frankfurt, Germany

Backup Region

Amsterdam, Netherlands

Data Residency

EU-hosted by default

Jurisdiction

German and EU law applies

Infrastructure provided by datacenter partners that maintain ISO 27001 and SOC 2 certifications.

AI Data Handling

Controlled AI processing

Your data is never used to train AI models. All AI processing happens within our EU infrastructure with full source traceability.

No customer data used for model training
AI inference runs on EU infrastructure
Full reasoning traces preserved for audit
Human review required for compliance decisions
Opt-out available for all AI features

AI Data Controls

AI-assisted analysisPer-org configurable
Source traceabilityAlways enabled
Reasoning trace loggingAlways enabled
Data retentionCustomer controlled
Compliance decisionsHuman review required

Security Posture

How we secure Serpentine

We apply the same standards to our infrastructure that we help you achieve.

Access control

Role-based access with principle of least privilege. All access logged and auditable.

Logging and audit trails

Complete audit trail of all data access, modifications, and administrative actions.

Vulnerability management

Continuous scanning, prioritized remediation, and validated fixes. We use Serpentine on Serpentine.

Incident response

Documented incident response procedures with defined SLAs and communication protocols.

Data isolation

Tenant data is logically isolated. No cross-tenant data access.

Infrastructure hardening

CIS-benchmarked compute instances with automated configuration drift detection.

Documentation

Security and legal documents

Transparent documentation for your compliance and legal teams. Request access to detailed security documentation.

Data Processing Agreement

GDPR-compliant DPA available for all customers

Subprocessor List

Third parties who process customer data

Responsible Disclosure

How to report security vulnerabilities

Security Posture

Technical security overview and controls

AI Data Handling

How we handle data in AI processing

Infrastructure Controls

Physical and logical security controls

Certifications

Serpentine infrastructure runs on datacenter partners that maintain ISO 27001 and SOC 2 Type II certifications. We do not claim these certifications for Serpentine itself. Our security posture is documented and available for review upon request.

Request Security Review