Certifications & compliance

Trust, independently verified

Anyone can claim rigor. We prefer certificates with auditors behind them — here is the compliance backbone underneath every VMI report and every byte of your data.

ESOMAR Member

Member of the global association for the data, research and insights industry — our methodology is held to the ESOMAR professional standards every serious research buyer knows.

ISO 9001

Quality-management certification covering how research is scoped, produced, checked and delivered — consistency you can audit, not just claim.

SOC 2

Independent attestation of our controls for security, availability and confidentiality — the standard enterprise IT teams ask about first.

GDPR Ready

Data-protection practices aligned with the EU General Data Protection Regulation — consent-first cookies, data-subject rights, retention limits.

HIPAA Aligned

Handling practices aligned to HIPAA safeguards for engagements that touch healthcare data.

HITRUST CSF

Certified against the healthcare industry's most widely adopted security framework, harmonising HIPAA, ISO and NIST controls.

D-U-N-S Registered

Verified business identity via Dun & Bradstreet — registered, real, and traceable.

Trustpilot Reviewed

Independently reviewed by verified buyers on Trustpilot — read the good and the critical alike.

TrustLock Verified

Verified-business and privacy-safe seals independently issued and continuously monitored by TrustLock.

What this means for you

Security is a feature of every report

Encrypted end to end

TLS in transit and encryption at rest for every report, query and account record. Payments run through Stripe’s PCI-DSS-certified infrastructure — card numbers never touch our servers.

Confidential by default

Your research topics are business-sensitive by definition. They are never sold, never shared, and never used to train public AI models.

Access, controlled

Single-active-session sign-in, workspace-scoped team invites, and rate-limited endpoints keep your reports visible to exactly the people you chose.

Read the Privacy Policy

Questions our certifications don’t answer?

Security questionnaires, DPAs and procurement paperwork — our team handles them routinely. Ask away.