Security and Trust at Luciq
Luciq is built with a security-first approach, combining strong architecture, privacy-by-design principles, and independently validated controls to protect customer data and ensure platform resilience.
Certifications & Reports
Security Policies
FAQs
No. Luciq does not require PIl or payment card data to function. Customers can control and minimize any data sent through SDK configuration.
Data is isolated through:
- Per-customer encryption keys
- Logical database segmentation
- Application-level tenant enforcement
Luciq keeps a robust security posture through:
- Hardened cloud-native security controls
- Continuous monitoring and alerting
- Vulnerability scanning and remediation
- Regular penetration testing
- Incident Response
Most customers find our SOC 2 and ISO 27001 documentation sufficient as they cover the majority of required regulatory or posture leveraging security controls. We address any additional targeted questions when required.
All policies and procedures are reviewed at least annually, with continuous monitoring and improvement.
Yes. Under NDA, we provide:
- SOC 2 Type Il report
- ISO 27001 certificate
- Penetration test report
- Security whitepaper
- Policies and procedures










