Log inWatch a demo
Try for free

Navigating compliance with Tresorit

This page gives an overview of Tresorit’s compliance approach and helps you navigate to the relevant regulations and standards.

Navigating-Tresorit-compliance

Compliance built on security and privacy by design

Compliance at Tresorit is built on strong security foundations and privacy-by-design principles, supporting regulatory and industry specific requirements across regions.

02_Privacy_by_design@2x

How Tresorit approaches compliance

At Tresorit, compliance is the outcome of strong foundational principles, secure architecture, and a privacy-first mindset built into the product from the ground up.

Privacy by design

Security and privacy are embedded into Tresorit’s development process. Data protection is considered at every stage — from feature design to deployment — ensuring that regulatory requirements are supported by default, not added later.

Zero-knowledge encryption as a foundation

Tresorit’s zero-knowledge, end-to-end encryption ensures that only authorized users can access data. This principle forms the core of Tresorit's compliance posture by minimizing data exposure risks.
Visit our encryption page

Security architecture as the basis for compliance

A robust security architecture — including strong encryption, granular access controls, and detailed activity tracking — provides the technical foundation that supports regulatory and industry requirements across regions.
Visit our security page

Ongoing regulatory alignment

Compliance is an ongoing commitment. Tresorit continuously monitors regulatory developments and evolves its controls and processes to stay aligned with emerging legal and industry standards.

Data protection & privacy regulations

GDPR

GDPR

If you operate in the EU or process personal data of individuals in the EU, regulations such as the GDPR are likely relevant.
Read more about GDPR compliance
CCPA

CCPA

If you operate in California or handle personal data of California residents, data protection regulations such as CCPA are likely relevant.
Read more about CCPA compliance
HIPAA

HIPAA

If you operate in the U.S. healthcare sector or handle protected health information (PHI), regulations such as HIPAA are likely relevant.
Read more about HIPAA compliance

Security certifications & assessment frameworks

TÜV

ISO

If your organization requires a certified information security management system, standards such as ISO 27001 are likely relevant.
Read more about ISO certification
TISAX

TISAX

If you operate in or work with the automotive industry in Europe, security assessment frameworks such as TISAX are likely relevant.
Read more about TISAX
CJIS

CJIS

If you work with U.S. law enforcement agencies or handle criminal justice information, requirements such as CJIS are likely relevant.
Read more about CJIS

FAQ

Tresorit supports a wide range of international and industry-specific regulations and standards, including data protection laws, security certifications, and sectoral requirements. These include frameworks such as GDPR, ISO 27001, HIPAA, NIS2, DORA, and others. For detailed information about a specific regulation, please visit the dedicated compliance subpages.

Official documentation, certifications, and detailed compliance information are available upon request or through the relevant compliance pages on our website. Each framework-specific subpage outlines how Tresorit supports its requirements and where to access supporting materials.

Yes. Compliance requirements may vary depending on geographic location, industry, and data sensitivity. Tresorit’s security architecture is designed to provide a strong universal foundation, while supporting region-specific and industry-specific obligations. For more information, please consult the relevant regulatory pages.

Compliance is an ongoing commitment. Tresorit continuously monitors regulatory developments and adapts its controls, policies, and processes to remain aligned with new and emerging requirements and best practices.

Tresorit provides the secure infrastructure and controls that support compliance, but your organization remains responsible for meeting its specific regulatory obligations. 

Continue exploring

Compliance frameworks

Access detailed pages outlining specific regulations and industry standards, and how Tresorit can help achieve compliance. See the list above.

Tresorit's security architecture

Learn more about the security architecture that underpins Tresorit’s compliance approach.
Visit our security page

Zero knowledge encryption

Understand the principles behind Tresorit’s zero-knowledge, end-to-end encryption model.
Visit our encryption page