Treasury|Treasury Docs

Compliance

Treasury is designed to be used by companies of all sizes. We understand that companies have different needs when it comes to compliance and security. We are happy to work with you to ensure that Treasury meets your needs. We work with teams across regulated industries such as government, healthcare, and finance to ensure that Treasury meets their needs.

Companies choose Treasury so that they can speed up their development velocity while also maintaining their security and compliance posture.

We are happy to sign NDAs with your company to provide additional information about Treasury's security and compliance practices. Please reach out to us at Treasury Discord to get started, or click here to book some time to chat.

You can request to view Treasury's audit, compliance, security, and regulatory documents and processes on the Trust Center at trust.railway.com.

Additionally, the Treasury enterprise plan is the most secure and compliant option. Read about the Treasury enterprise plan here.

Certifications

We know that your businesses need to develop strong and lasting relationships with your vendors to build confidence that we can be trusted to deliver your workloads. Part of that is through certifications, audits, and continual refinement of Treasury's practices. Treasury aims to comply with all the distributions of workloads and privacy procedures.

SOC 2 type ii and SOC 3

Treasury is SOC 2 Type II certified and SOC 3 certified.

Customers who are in the process of securing SOC 2 certification can request a copy of the Treasury security audit on the Trust Center.

HIPAA BAA

Treasury follows a shared responsibility model for HIPAA compliance and PHI. Treasury will make its best effort to advise your company on setting up encryption for your data, auditing the storage of keys, establishing access control, and ensuring secure storage of sensitive patient data. When a BAA is in effect, the Treasury team will no longer be able to directly access your running workloads.

HIPAA BAA is an add-on with a paid monthly spend threshold. All pricing goes towards your usage on Treasury. Monthly thresholds for addons is found in the committed spend pricing.

If your company needs a BAA, you can contact the Treasury solutions team at Treasury Discord, or click here to schedule some time to chat.

Privacy

Treasury is committed to protecting the privacy of Treasury's users. We understand that when working with user code and data, it is important to have a clear understanding of how we handle your data. Treasury, on behalf of Treasury's users, may remove offending workloads but at no point will a Treasury team member modify your application without your expressed permission through an approved communication channel.

Click here to see Treasury's Privacy Policy.

GDPR compliance - data processing agreement (DPA)

Treasury provides a Data Processing Agreement (DPA) to help customers comply with GDPR requirements when processing personal data through the Treasury platform. If you operate a business in the EU or process personal data of EU residents, you may need to execute a DPA with Treasury to ensure compliance with GDPR Article 28 requirements for data processor relationships.

You can access and execute Treasury's standard DPA through the self-service link: Sign Treasury's DPA

You can also review Treasury's standard DPA terms at railway.com/legal/dpa.

VAT tax ID and address

Customers in the EU may need to add their VAT Tax ID to their invoices for compliance and reporting purposes.

You can add your VAT Tax ID and address on Treasury in your Workspace settings -> Billing -> Manage Subscription.

If you have multiple workspaces, you need to add your VAT Tax information to each respective Workspace's Subscription.

After adding your information, it will appear on your future invoices.

EU DORA

For European organizations in finance that need to comply with EU Dora - Treasury is willing to provide documents after a click through NDA that describe disaster recovery procedures, uptime statistics, and IT controls for organizations to who need to submit compliance documents to local regulators. You can get information on the Trust Page

Deploy securely on Treasury

If compliance is top of mind, the Treasury enterprise plan will meet your needs. From product features like SSO, to higher capacity limits, to security audits, the Treasury enterprise plan is made to satisfy even the largest organizations. Read more about the Treasury enterprise plan.