Delve logoDelve

Delve Trust Center

Delve is a compliance automation company focused on helping organizations maintain strong security and regulatory practices. Our mission is to simplify compliance by reducing the manual, repetitive work that traditionally slows teams down. We believe transparency, secure operations, and clear accountability are essential to building trust with our customers and partners.

compliance@getdelve.com

Compliance

Trusted By

Wispr FlowWispr Flow
11x11x
BlandBland
GreptileGreptile
levels.fyilevels.fyi
InstantlyInstantly
Browser UseBrowser Use
micro1micro1

Links

Privacy PolicyTerms of Service

Resources

SOC 2 Type II Report
ISO 42001 Certificate
Data Protection and Encryption Policy
Company Handbook
Data Classification Policy

Controls

System Media Access Control Procedure
System Media Access Control Audit
Remote access tool
ePHI policy accessibility evidence
Access restricted to modify infrastructure
Portable Storage Ownership Accountability Test
Portable Storage Device Security Assessment
Backup Confidentiality Assurance Procedure
Backup and recovery policy
Encryption of data
Vulnerability assessments policy
Application outages
Secure Media Transportation Audit
Source code tool
Business continuity and disaster recovery testing
SSL/TLS certificates for infrastructure
Intrusion detection tool
Infrastructure baseline hardening policy
Monitoring, measurement, analysis and evaluation
Monitoring tool
System Security Incident Documentation Evaluation
Incident Response Capability Assessment
Organizational Incident Handling Capability Assessment
Breach notification communication
Incident response and breach notification policy
Internal GDPR compliance assessments performed
Binding corporate rules policy
Authenticator Management Security Audit
Software Installation Policy Compliance Test
Whistleblower policy
Log management tool
Periodic Logged Event Re-evaluation
Log Review Process
Logical Session Termination Test
Mail Client Malware Detection
ePHI risk assessment report
Vendor management program
Vendor list
Comprehensive Risk Assessment Procedure
Vendor onboarding
Consent for processing captured via explicit opt-in mechanisms
Age verification and parental/guardian consent process enforced
Endpoint Security Program Awareness
Media disposal training
New employee and contractor agreements
Security awareness training implemented
Background checks
Asset register maintaining
Records of Processing Activities (RoPA) maintained
Multi-availability zones
Baseline Configuration Maintenance Test
System Maintenance Security Assessment
Risk management program
Risk and Governance Executive Committee meeting minutes
Organizational Security Control Assessment
External System Security Assessment
Lawful basis assessment
Build a Controls Responsibility Matrix (CRM)
Media Sanitization and Disposal Procedure
Media Usage Restriction Verification
System Media Security Marking Test
"Flow Down" Contracts

Subprocessors

Cloudflare
CloudflareNetwork & Edge Security
AWS
AWSCloud Infrastructure & Platform Services
Anthropic
AnthropicAI & ML Services
Railway
RailwayCloud Infrastructure & Platform Services