Posture at a glance
Shawn E. Decker follows SOC 2 Type II readiness practices across all five Trust Services Criteria. Internal controls are documented, evidenced, and reviewed annually. Same scaffold applied to every VTV client system.
Trust artifacts
CC · A · C · PI · P
Security
Controls · encryption · MFA · audit logging · disclosure.
P · GDPR · CCPA
Privacy Notice
What we collect · why · who sees it · your rights.
Legal
Terms of Service
The agreement governing use of the Service.
CC9 · Vendors
Subprocessors
Every vendor with data access · DPA + SOC 2 status.
A1 · Availability
System Status
Uptime · incidents · scheduled maintenance.
CC7 · Disclosure
Report a Vulnerability
72h acknowledgment.
P · DSAR
Privacy Request
Access · correct · export · delete · 30-day SLA.
CC · Audit
Auditor Documents
Auditors · enterprise prospects · request control matrix.