Compliance
Use Settings → Privacy Compliance to review compliance status, turn on GDPR or HIPAA modes when your contract and legal review allow it, see where data is hosted, and open audit logs. The top of the page also points you to learn about privacy compliance and cheat detection settings.
HeyMilo does not provide legal advice. Turn on GDPR or HIPAA only when your organization and counsel require it and your agreement with HeyMilo supports those modes.
Compliance status
Compliance status gives an overview of your compliance certifications and data hosting.
HeyMilo’s security and compliance program includes SOC 2 Type I and SOC 2 Type II. Those attestations describe how we manage security and related controls at the service level. For SOC 2 reports, security questionnaires, or vendor due diligence, contact your CSM or support@heymilo.ai.
GDPR and HIPAA
| Control | What it is |
|---|
| GDPR compliance | EU data protection — enable when you need EU-aligned handling under your agreement. |
| HIPAA compliance | Healthcare compliance — enable when you have a BAA and workflows that require HIPAA-aligned handling. |
Hosted region
Hosted region shows data location for your workspace (for example us-east). This is where your tenant’s data for this product is hosted; use it for data residency discussions with your security team.
Audit
Under Audit, you can view logs that support governance and investigations:
| Log | What it covers |
|---|
| Delete logs | Scheduled deletions — history of deletion activity tied to your retention and cleanup rules. |
| Access logs | Who accessed what — access-related events for accountability. |
| Export logs | Data exports — when data left the product via export flows. |
| Activity logs | Role and team changes — changes to roles, teams, and similar workspace administration. |
Next steps
.png?fit=max&auto=format&n=EGn2J1_1jAyygLfi&q=85&s=300cf51db4c76b31ba977e19c52eeb7e){kind=logo}
