SessionLab - Trust Center

SessionLab passed SOC 2 Type II audit by Securance Pro Assurance PLLC, which validates our information security controls and practices. We conduct regular penetration testing, most recently by Vaadata SAS (France) in July 2025 with all vulnerabilities remediated and validated by September 2025, and second one as part of our SOC 2 Type II audit, by Bubba AI, Inc. in November 2025, which found 0 critical/high/medium vulnerabilities.

Customer data is hosted on Amazon Web Services in the EU, with the primary location in Dublin, Ireland, and backup in Frankfurt, Germany. All data remains within EU data centers.

Customer data backups are retained for 35 days and system logs for approximately 6-12 months. We maintain streaming backups to a secure, encrypted location in a separate EU region. Detailed retention policies can be found in our Privacy Policy.

Customers can delete their own content through the application. Full account deletion is available upon request through our support channels. Upon deletion, all associated data including sessions, projects, templates, and account settings are permanently removed and cannot be recovered.