All data center, network, and server-level standards, security, and compliance are inherited from our hosting provider, Microsoft Azure.
Azure undergoes regular independent third-party SOC 1 Type 2 and SOC 2 Type 2 audits and is certified according to ISO/IEC 27001 and ISO/IEC 27018 standards.
You can read more about Microsoft Azure’s certifications and compliance here:
https://www.microsoft.com/en-us/TrustCenter
eForms Mobile is European GDPR compliant and fully HIPAA compliant.
Our processes and practices are based on industry standards, and we’re SOC 2 Type 2 certified.
Regarding email data transmissions, we use SendGrid for all email facilities.
We have a GDPR-compliant Data Processing Agreement (DPA) with SendGrid, and we’re careful not to process any data with SendGrid beyond what is required to send email messages.
SendGrid’s servers generally operate in the USA, but the data flows are covered by their GDPR-compatible US Privacy Shield compliance.
Learn more about SendGrid’s GDPR status.
We have DPAs (or equivalent terms) in place with our other third-party suppliers, a full list of which can be seen here:
We do not hold other specific certifications; our focus on industry standards and compliance tends to overlap favorably with most guidelines and regulations.
For example, we do not specifically target FDA CFR Title 21 Part 11; however, Azure does address Part 11 compliance.
For specific standards or regulations, we recommend that you consult the relevant published documentation and assess them in light of the above.
Please feel free to contact us if you require more clarification.