Answer

Is Vexor SOC 2 certified?

Not yet. SOC 2 Type II audit is on the roadmap (typical timeline 12-18 months from start). Vexor's vendor stack — Supabase (database + auth), Vercel (hosting), Stripe (payments) — is independently SOC 2 Type II certified. So the underlying infrastructure meets SOC 2 controls; the legal entity Vexor.app, Inc. is not yet independently audited.

For most residential and light-commercial contractors, SOC 2 isn't a procurement requirement. It typically becomes a requirement when selling into enterprise / commercial / government accounts.

If SOC 2 is required for your business decision, email security@vexorapp.com and we can share our current control documentation + roadmap timeline.

Related: Security details

Start free trial← Browse all answers

Related answers

How does Vexor handle data security?

TLS 1.2+ for all in-transit traffic with HSTS pinned for 1 year. AES-256 encryption at rest (Postgre