At Hanover, we understand that trust is the foundation of any relationship between a software provider and its customers. As we continue to scale and handle increasing volumes of customer data, we’re committed to earning and maintaining that trust through rigorous, industry-recognised compliance standards.
That’s why we’ve embarked on our SOC 2 Type II readiness journey, partnering with Sprinto to ensure that by the end of 2025 we will be audit ready, with full SOC 2 Type II certification targeted by Q2 2026.

When you entrust a partner like Hanover with sensitive customer data, you’re putting a lot of trust in our ability to keep that information secure, available, and reliable. That’s where SOC 2 Type II compliance comes in.
SOC 2 (Service Organization Control 2) is a widely recognized auditing framework developed by the American Institute of CPAs (AICPA). It was specifically designed for technology and cloud companies that handle customer data.
The framework is built around five “Trust Service Criteria”:
● Security – Systems are protected against unauthorized access.● Availability – Services are available when you need them.● Processing Integrity – Data is processed accurately, completely, and in a timely manner.● Confidentiality – Sensitive information is safeguarded against unauthorized disclosure.● Privacy – Personal information is collected, used, and retained appropriately.
A SOC 2 Type I report evaluates whether the right controls are designed and in place at a single point in time.
A SOC 2 Type II report goes further. It tests not just the design but the ongoing effectiveness of those controls over a defined audit period (often 6–12 months). In other words, it proves that a company isn’t just claiming to follow best practices, it demonstrates that those practices are consistently operating in real-world conditions.

As part of our SOC 2 journey, we’re also building a Hanover Trust Center, hosted in partnership with Sprinto. Think of the Trust Center as a living, public-facing dashboard that gives customers, prospects, and partners a single place to see where we stand on security and compliance.
Instead of static documents that quickly become outdated, the Trust Center provides real-time visibility into our security posture. This includes:
● Up-to-date compliance status - see where we are on the path to SOC 2 Type II certification, along with other standards as we pursue them.● Policy access - view key policies and practices (like data protection, access management, and incident response).● Security controls overview - understand the safeguards we have in place to protect customer data.● On-demand reports - request or download relevant documents (like our SOC 2 report, once available) under NDA.
For our customers, this means:
● Fewer back-and-forths during vendor due diligence and security reviews.● Greater peace of mind with an always-current view of how we manage data security.● A transparent partnership, you don’t have to take our word for it; you can see the evidence yourself.
The Trust Center reflects how we want to operate as a business: with openness, accountability, and continuous assurance. It ensures you’ll always know the state of our compliance and the steps we’re taking to safeguard your data not just once a year at audit time, but every single day.