User data is scoped by access key ownership, and routes remain attached to the owning node identity so administration is easier to reason about.
Current compliance posture
StreamGate is built with controls that help regulated teams operate more carefully, but this page should not be read as a claim of certifications that have not been formally obtained.
The relay keeps version history, route state, sessions, server events and mail activity in explicit operator surfaces for operational accountability.
The product is designed to connect a specific service path rather than to collapse an entire private network boundary into a client machine.
Registration, renewal, recovery and support interactions are tied to a mailbox, which simplifies lifecycle controls and customer communication.
Important note
Unless explicitly stated in a signed commercial agreement, StreamGate does not claim a specific external compliance certification on this page.
- No public statement here should be read as a promise of SOC 2, ISO 27001, HIPAA, PCI DSS or similar certification unless separately documented.
- The page describes product controls and design choices, not an audited certification report.
- Customer-specific contractual controls can still be documented through support, terms and DPA flows.