Compliance across EU, AF and MENA jurisdictions.
FlyttGo platforms are engineered to satisfy the compliance and sovereignty requirements of regulated enterprise and public-sector deployments. This page summarises the frameworks we support; per-deployment attestations are shared under NDA.
- Certified
SOC 2 Type II
Annual audit covering security, availability, confidentiality and processing integrity. Reports available under NDA.
- Certified
ISO 27001
Information Security Management System (ISMS) covering organisational controls, personnel, physical, and technological controls (Annex A).
- Certified
GDPR
Data Protection Agreement executed with every customer. Data residency honoured per deployment mode — sovereign, customer-cloud and managed EU.
- Certified
WCAG 2.1 AA
Accessibility conformance across customer-facing UI, including keyboard navigation, screen-reader support, colour contrast and reduced-motion respect.
- Certified
PSD2 (Payvera)
Strong Customer Authentication (SCA), open-banking API exposure and transactional reporting for EU payment deployments.
- Certified
eIDAS (Identra)
Qualified electronic signatures and trust services for cross-border digital identity in EU member states.
- Certified
PCI-DSS
Scoped to Payvera and FlyttGo marketplace card handling. Tokenisation + externally-hosted vaults keep customer systems out of PCI scope where possible.
- Certified
Local sovereign frameworks
Regional compliance programmes — UK PSN, Saudi NCA ECC, UAE IA, South Africa POPIA — handled per deployment as part of the sovereign enablement package.
Request compliance documentation
SOC 2 reports, ISO certificates, pen-test summaries and DPIA templates are available to qualified enterprise and public-sector buyers under NDA. Contact procurement.