Trust Center
Expel is a security company, so it should be no surprise that we take data security and privacy seriously. We want to make sure you have all the answers to your questions regarding how we protect your data. Welcome to the Expel Trust & Compliance one-stop-shop.
You’ll find direct access to our compliance documentation, the different standards, laws, and frameworks (you name it!) that we align to at Expel. Questions about ISO 27001, GDPR compliance, SOC 2 Type 2 reports? It’s all here.
Documents
Subprocessors
Subprocessors
2026 Mega Audit Progress Update
Status: 2026 Mega Audit (In Progress)
- Jan 2026: EU-US DPF Renewal (Completed)
- Feb 2026: ISO 27001/27701 Internal Audit "Pre-Check" (Completd)
- Current Phase: External Fieldwork (Estimated Completion: Q3 2026)
Status: [Phase 1 Complete]
Expel has successfully cleared the first major milestone of our 2026 Mega Audit cycle. In February, we completed a rigorous Internal Audit 'Pre-Check' for ISO/IEC 27001 and ISO/IEC 27701. This internal verification confirms our security and privacy controls are operating effectively as we move into the external certification phase for SOC2, ISO, GDPR, and CCPA.
Insights
Expel's 2026 Annual Threat Report looks back at last year's attacks across identity, endpoint, and cloud—and gives your team a plan for what's next.
EU-US Data Privacy Framework
We're pleased to announce that we have completed our 2026 self-certification with the EU-U.S. Data Privacy Framework, including UK Extension and Swiss-U.S. Framework. Our participant profile can be viewed on the DPF public website here.
We're pleased to announce that we completed our self-certification with the EU-U.S. Data Privacy Framework, including UK Extension and Swiss-U.S. Framework. Our participant profile can be viewed on the DPF public website here.