# Telnyx Compliance Status

Current certifications, compliance status, and data residency information.

## Certifications

| Certification | Status | Body | Scope | Last Verified | Note |
|---------------|--------|------|-------|---------------|------|
| SOC 2 Type I | ✅ Active | AICPA | Programmable Voice, Programmable Messaging, Video, and Wireless | 2026-04-21 | Audit completed; report available under NDA |
| SOC 2 Type II | ✅ Active | AICPA | Programmable Voice, Programmable Messaging, Video, and Wireless | 2026-04-21 | Annual audit completed; report available under NDA |
| SOC 2 Type III | ✅ Active | AICPA | Programmable Voice, Programmable Messaging, Video, and Wireless | 2026-04-21 | Audit completed; report available under NDA |
| HIPAA | ✅ Active | HHS | Voice, messaging, fax, and AI inference services | 2026-04-21 | BAA available for covered entities |
| GDPR | ✅ Active | EU Commission | All data processing for EU customers | 2026-04-21 | Data Processing Agreement available; EU data residency |
| ISO 27001:2013 | ✅ Active | ISO | Information security management system | 2026-04-21 |  |
| ISO 27701:2019 | ✅ Active | ISO | Privacy information management system | 2026-04-21 | Extends ISO 27001 ISMS with privacy management |
| PCI DSS | ✅ Active | PCI SSC | Payment card processing for billing | 2026-04-21 |  |
| STIR/SHAKEN | ✅ Active | ATIS/SIP Forum | All originating voice calls | 2026-04-21 | Full Attestation Level A; certified SHAKEN service provider |
| A2P 10DLC | ✅ Active | CTIA/The Campaign Registry | Application-to-person SMS messaging in the US | 2026-04-21 | Direct carrier registration; no intermediary CSP |
| CPaaS Compliance | ✅ Active | Internal | Communications Platform as a Service | 2026-04-21 | Compliant with FCC regulations and telecom requirements |
| FedRAMP | 🔄 In Progress | FedRAMP PMO | US Federal government cloud services | — | Authorization in progress; expected 2026 |
| FIPS 140-2 | — Not Stated | undefined | undefined | — | Not currently certified; encryption uses standard algorithms |

## Data Residency

| Region | Services | Notes |
|--------|----------|-------|
| United States | SIP Trunking, Voice API, SMS/MMS, AI Inference, Voice AI Agents, Numbers, Fax, Verify | Primary data center; SOC 2, HIPAA, PCI DSS compliant |
| European Union | SIP Trunking, Voice API, SMS/MMS, AI Inference, Voice AI Agents, Numbers | EU data residency available; GDPR compliant; data never leaves EU |
| Asia Pacific | SIP Trunking, Voice API, AI Inference, Numbers | Regional data processing available |
| Canada | SIP Trunking, Voice API, SMS/MMS, Numbers | PIPEDA compliant; data residency available |

---

*This endpoint is also available as [JSON](/ai/compliance.json). See [API catalog](/ai/api-catalog.json) for all machine-readable endpoints.*