Audit and Certification Status

MEWS' Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Welcome to Mews' Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.

Compliance

ISO/IEC 27001 Logo
ISO/IEC 27001
SOC 2 Logo
SOC 2
NF525 Logo
NF525
GDPR Logo
GDPR
CCPA Logo
CCPA
EU AI Act Logo
EU AI Act
NIS 2 Logo
NIS 2
NIST CSF Logo
NIST CSF
RH-ISAC Logo
RH-ISAC
SOX Logo
SOX
DORA Logo
DORA
PCI DSS v4.0.1 Logo
PCI DSS v4.0.1
MEWS' Trust Center Updates

Audit and Certification Status

Copy link
Compliance

NF525 Certification

We confirm that Mews has completed its NF525 recertification audit in January 2026. The issuance of the updated NF525 certificate is now solely dependent on the relevant authorities and remains outside of Mews’ control.

Please note that, although Mews underwent the audit process well in advance, we are unable to influence or accelerate the authorities’ internal review and issuance timelines.

Documents

REPORTSISO 27001
REPORTSPCI DSS
REPORTSPenetration Tests
REPORTSTransfer Impact Assessment
COMPLIANCEISO/IEC 27001
COMPLIANCENF525
COMPLIANCEPCI DSS v4.0.1
COMPLIANCESOC 2
DATA PRIVACYData Privacy

Risk Profile

Recovery Time Objective24 hours
Recovery Point ObjectiveImmediate
HostingMajor Cloud Provider

Product Security

Audit Logging
Continuous penetration testing
Data Security
View more

Reports

ISO 27001
NF525 PMS
NF525 POS
View more

Data Security

Azure SQL Database
Azure Storage
Cosmos DB
View more

App Security

Code Analysis
Incident Response
Secure Development Training
View more

AI

AI Governance
Third-Party AI Diligence
Employee AI Usage

ESG

Anti-Bribery and Corruption
Whistleblowing Program

Legal

Subprocessors and AffiliatesMicrosoft Azure-company-logoGoogle-company-logoSalesforce-company-logoDatatrans-company-logoTwilio-company-logo
Cyber Insurance
Data Processing Agreement
View more

Data Privacy

Data Privacy
Data Privacy Contact
Data Subject Requests
View more

Access Control

Data Access
Least Priviliged
Password Security

Infrastructure

Status Monitoring
Azure
Deployment
View more

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management

Network Security

Data Loss Prevention
Firewall
Security Information and Event Management
Knowledge Base (FAQ)
  • Is it possible to give {potential customer} a notification of any change made to the infrastructure and the application (e.g. new sub-contractors or new hardware)? Please state when {potential customer} would be informed about these changes (in month).
  • Is it possible to secure the login with a two-factor authentication?
  • Please specify the service model. Note: Definition according to NIST SP 800-145.
  • Operating system (OS): Who manages the operating system for the DB and for the application?
  • Is protection of systems against DDoS and brute force attacks in place?
View more