SOC 2 Compliance

Last updated: February 16, 2026

AgentMail is SOC 2 Type II compliant.

We have implemented and actively monitor 93 comprehensive controls across security, availability, processing integrity, confidentiality, and privacy. Our compliance is verified through regular third-party audits.

What is SOC 2?

SOC 2 is an audit report developed by the American Institute of CPAs (AICPA).

The audit evaluates controls related to security, availability, processing integrity, confidentiality, and privacy of a system.

There are two types of SOC 2 reports:

  • Type I: checks if a company is compliant at a point in time.
  • Type II: confirms that a company is still compliant during an observation window (typically 6 months).

AgentMail is SOC 2 Type II compliant.

Why is SOC 2 important?

SOC 2 is not mandatory in a legal sense, and certification isn't required by law.

Still, we believe that SOC 2 is crucial because it encourages companies to have solid controls in place to protect customer data.

For us, this isn't a short-term growth play but the beginning of a long-term security investment. We're building email infrastructure that AI agents and developers can trust.

Who manages AgentMail's compliance?

AgentMail uses Delve as our trust management platform to monitor, collect, and submit evidence to auditors.

Our compliance program is managed continuously through Delve's automated monitoring system, ensuring we maintain security best practices at all times.

When were you audited?

The reporting period is from Aug 2025 to Nov 2025.

We conduct regular audits to maintain our compliance status and ensure our security controls remain effective.

How can I access the SOC 2 report?

You can access our comprehensive trust center at:

trust.delve.co/agentmail

Our trust center includes:

  • SOC 2 Type II Report (available on request)
  • SOC 2 Type I Report (available on request)
  • HIPAA Compliance documentation
  • Business Continuity and Disaster Recovery plans
  • 93 documented security controls across multiple categories
  • Access Control, Data Security, Application Security, Infrastructure Security policies
  • Incident Response procedures
  • Vendor Management documentation

The full SOC 2 report is available to current and prospective customers under NDA. Contact us if you need additional documentation or have specific compliance questions.

Can you answer a questionnaire?

If you have a security questionnaire that needs filling, please contact us at:

support@agentmail.cc

Our team will work with you to provide the necessary information for your security review process.

AgentMail, Inc.
San Francisco, CA, USA

All systems online

Email Inboxes for AI Agents

SOC2 Type II Certified
HomeEnterprisePricingBlogDocsConsole

© 2026 AgentMail, Inc. All rights reserved.

Privacy PolicyTerms of ServiceSOC 2