Kymata

Trust

Security & compliance

We build and operate Kymata with security and customer trust in mind. This page summarizes our program at a glance; for audit reports, questionnaires, subprocessors, and detailed materials, use our Trust Center.

Open Trust CenterSystem statusopen_in_new

Program

Security at a glance

These themes map to how we run the platform and align with what buyers and auditors expect to see in a SOC 2 program.

admin_panel_settings

Governance & accountability

We maintain security policies, risk management practices, and clear ownership so controls stay aligned with how we build and run the platform.

key

Access & identity

We apply least-privilege access, authentication requirements, and ongoing access practices appropriate to a cloud service handling customer data.

shield_lock

Data protection

We protect data in transit and at rest using industry-accepted practices, with architecture and operations designed for confidentiality and integrity.

monitoring

Monitoring & operations

We use logging, monitoring, and change management so we can detect issues, respond to events, and keep the service reliable.

groups

Vendors & subprocessors

We evaluate third parties that process data on our behalf and maintain transparency about subprocessors through our Trust Center and customer agreements.

Certifications

SOC 2

Kymata undergoes independent SOC 2 examinations of controls relevant to our services. Reports are issued by a qualified CPA firm under the AICPA's Trust Services Criteria (Security is required; additional criteria may apply depending on audit scope).

SOC for Service Organizations

The SOC for Service Organizations logo is used under AICPA guidelines; select it to open the official SOC program page.

Marketing descriptions are not a substitute for the SOC report. For control objectives, testing period, and scope of services covered, rely on the report and your agreement with Kymata.

Transparency

Operations & availability

We publish live status for service health. Subprocessor lists and similar disclosures are maintained for customers and prospects through the Trust Center so they stay current as our service providers change.

  • check_circleStatus page — incidents, uptime, and scheduled maintenance.
  • check_circleTrust Center — subprocessor transparency, questionnaires, and request flows for security documentation.

Trust Center

Audit reports (under NDA where applicable), policies, questionnaires, and updates—so procurement and security teams can self-serve without waiting on ad-hoc email threads.

Open Trust Center

Procurement

Security reviews & questionnaires

Start with the Trust Center for the fastest path. If you need a tailored review, contact us and reference your vendor intake or deal stage.

  • chevron_rightRequest SOC reports and security documentation through the Trust Center (NDA may apply).
  • chevron_rightUse CAIQ, SIG, or custom questionnaires—coordinate via Trust Center or your Kymata contact.
  • chevron_rightGeneral inquiries: contact@kymata.ai.

Security FAQs

SOC 2 is an attestation framework from the AICPA. An independent auditor examines whether Kymata's controls meet the Trust Services Criteria relevant to our services—commonly Security, and others depending on scope. It helps customers validate our security program without replacing their own risk review.

Legal

Policies & related links