Documentation
Security & Privacy
TrustRouter is designed for enterprise security requirements and regulatory compliance.
Security features
Encryption in transit
TLS 1.3 for all API and webhook traffic
Encryption at rest
AES-256 for stored data
Data residency
EU and US data center options
Access controls
Role-based access, audit logs, MFA
Compliance
- GDPR compliant (EU data protection)
- SOC 2 Type II certified
- ISO 27001 certified
- HIPAA ready (for healthcare use cases)
Data retention
- Message content: Not stored (pass-through only)
- Metadata: Retained for 90 days (configurable)
- Logs: Retained for 12 months
- Billing records: Retained for 7 years