Compliance
Game Framework supports multiple compliance standards for regulated industries.
Certifications
SOC 2 Type II
Status: Certified ✓
Security controls for:
- Access controls
- Encryption
- Availability
- Processing integrity
- Confidentiality
GDPR (EU)
Status: Compliant ✓
Data privacy features:
- Data export (Right to access)
- Data deletion (Right to be forgotten)
- Consent management
- Data processing agreements
HIPAA
Status: Available (Enterprise) ✓
Healthcare data protection:
- BAA available
- Encryption at rest and in transit
- Audit logging
- Access controls
ISO 27001
Status: Certified ✓
Information security management.
Compliance Features
1. Data Residency
Choose where data is stored:
- US (us-east-1, us-west-2)
- EU (eu-west-1, eu-central-1)
- Asia (ap-southeast-1, ap-northeast-1)
curl -X PATCH https://registry.yourcompany.com/v1/workspaces/ws_ID \
-H "Authorization: Bearer $TOKEN" \
-d '{"data_residency": "eu-west-1"}'2. Audit Trail
Immutable audit logs for all actions.
3. Data Encryption
- In transit: TLS 1.3
- At rest: AES-256
- Backups: Encrypted
4. Access Controls
RBAC with fine-grained permissions.
5. Data Export
Export all workspace data:
curl https://registry.yourcompany.com/v1/workspaces/ws_ID/export \
-H "Authorization: Bearer $TOKEN"6. Data Deletion
Delete workspace and all data:
curl -X DELETE https://registry.yourcompany.com/v1/workspaces/ws_ID \
-H "Authorization: Bearer $TOKEN"GDPR Features
Right to Access
Users can export their data:
curl https://registry.yourcompany.com/v1/me/export \
-H "Authorization: Bearer $TOKEN"Right to be Forgotten
Users can delete their account:
curl -X DELETE https://registry.yourcompany.com/v1/me \
-H "Authorization: Bearer $TOKEN"Consent Management
Track user consent:
curl https://registry.yourcompany.com/v1/me/consents \
-H "Authorization: Bearer $TOKEN"Documentation
Business Associate Agreement (BAA)
Required for HIPAA compliance (Enterprise).
Contact: compliance@gameframework.dev
Data Processing Agreement (DPA)
Required for GDPR compliance (all plans).
Download: https://gameframework.dev/legal/dpa
Security Whitepaper
Detailed security documentation.
Download: https://gameframework.dev/security-whitepaper.pdf
Compliance Support
Enterprise Support
- Dedicated compliance manager
- Custom compliance reports
- Security questionnaire assistance
- Audit support
Documentation
- SOC 2 report (under NDA)
- Penetration test results
- Security policies
- Incident response plan
Contact
- Compliance: compliance@gameframework.dev
- Security: security@gameframework.dev
- Legal: legal@gameframework.dev
Need compliance docs? Contact compliance@gameframework.dev
Next Steps
- Security Overview - Security features
- Audit Logging - Activity monitoring