
A precise account of the controls in place today. Not a certification. Updated as the program matures.
All traffic to Atlas is served over TLS. Application data is stored in a managed Postgres database that encrypts at rest.
Atlas runs on Cloudflare (edge, workers) and a SOC 2 Type II managed Postgres platform. Atlas itself is not yet independently certified.
Sign-in via email and password or Google. Sessions are scoped per user and revocable.
Access is scoped by role. Row-level policies enforce which records each authenticated user can read or write.
Approvals, orders, payouts, and document access are recorded with actor and timestamp.
Your data belongs to you. Export and deletion requests are handled by writing to hi@regularholding.com.
Managed Postgres (database, auth, storage), Cloudflare (hosting, edge), and AI providers for optional features. Full list available on request.
Regular Holding is actively working toward SOC 2 Type I and ISO 27001. Atlas does not currently hold SOC 2, ISO 27001, HIPAA, or PCI certifications. GDPR is treated as ongoing operating practice.
Regular Holding LLC is a New York limited liability company. Atlas is a governance, recordkeeping, and payment-processing platform. Regular Holding is not a bank, money transmitter, broker-dealer, custodian, fiduciary, or lender, and does not hold customer funds. Funds are transmitted by third-party payment providers and their partnered financial institutions, not by Regular Holding directly. Atlas is available to U.S.-organized operating companies. Full Terms of Service.
Direct security and privacy reports to hi@regularholding.com. Receipt is acknowledged within two business days.