What Visitors See
Your Trust Center can display any combination of the following sections:Compliance Status
Framework compliance progress across 50+ frameworks including ISO 27001, SOC 2, HIPAA, GDPR, and PCI-DSS. Shows which frameworks you are pursuing or certified against.
Certifications
Active certifications and audit reports with validity dates. Upload certificates and make them available for download or access request.
Security Practices
Descriptions of your security practices across categories like data encryption, access controls, incident response, and infrastructure security.
Policies
Public-facing versions of your security and privacy policies. Choose which policies to share and whether they require an access request.
Subprocessors
A list of third-party subprocessors you use, including their purpose, location, and data categories processed. Required for GDPR compliance.
FAQs
Frequently asked security questions and answers. Pre-answer common buyer concerns to reduce inbound questionnaire volume.
- Data Handling — How your organization collects, processes, stores, and protects data
- Trusted Clients — Logos of customers who trust your security practices
- Testimonials — Quotes from customers or partners about your security program
- Media & Press — Security-related press coverage or blog posts
- Updates — Recent security improvements, certifications, or compliance milestones
How the Trust Center Works
The Trust Center pulls data directly from your LowerPlane compliance program:Configure sections
Choose which sections to display and what content to include in each. You control exactly what is public.
Brand your portal
Add your company logo, name, and colors. The Trust Center reflects your brand, not LowerPlane’s.
Publish
Your Trust Center is published at a URL you choose. Share it with prospects, include it in RFP responses, and link to it from your website.
Access Controls
You can control who sees what on your Trust Center:| Access Level | Description |
|---|---|
| Fully public | Anyone with the URL can view the content. No login required. |
| Access request | Visitors must submit a request form to view certain documents (e.g., SOC 2 reports, detailed policies). You approve or deny requests. |
| NDA-gated | Require an NDA before granting access to sensitive security documentation. |
Benefits of a Trust Center
| Benefit | Impact |
|---|---|
| Reduce questionnaire volume | Proactively answer common security questions, reducing inbound questionnaires by up to 50% |
| Accelerate sales cycles | Give prospects instant access to security information instead of waiting for your team to respond |
| Demonstrate transparency | Show customers that you take security seriously and have nothing to hide |
| Maintain consistency | Every prospect sees the same, accurate, up-to-date security information |
| Simplify compliance sharing | One URL replaces dozens of email exchanges and document shares |
Trust Center and GDPR
If you process data of EU/EEA residents, your Trust Center serves double duty:- The Subprocessors section fulfills GDPR Article 28 transparency requirements
- The Policies section can host your publicly required Privacy Policy
- The Data Handling section demonstrates Article 5 transparency principles
The Trust Center is not a replacement for your legal privacy policy. However, it is an effective supplement that makes your privacy and security practices more accessible.
Getting Started
Configure Your Trust Center
Set up your Trust Center with custom branding, sections, and access controls.
Manage Subprocessors
Add and manage your subprocessor list for Trust Center display.
You can preview your Trust Center at any time before publishing it. Use the preview to verify that all sections display correctly and that the branding matches your expectations.