Security is our
core business.
We protect the most sensitive data for hundreds of organizations. Here is how we keep it safe.
Compliance & Certifications
Third-party validated security you can trust
SOC 2 Type II
Annual audit of security, availability, and confidentiality controls.
ISO 27001
International standard for information security management.
GDPR
Full compliance with EU data protection regulations.
HIPAA
BAA available for healthcare customers.
Security Practices
How we protect your data at every level
Encryption
All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Customer data is isolated using tenant-specific encryption keys.
Infrastructure
Hosted on AWS with SOC 2 certified data centers. Multi-region deployment with automatic failover and 99.99% uptime SLA.
Access Control
Role-based access control, SSO integration, and audit logging for all system access. Zero standing privileges for engineering.
Background Checks
All employees undergo comprehensive background checks. Security training is mandatory and ongoing.
Penetration Testing
Annual third-party penetration tests by industry-leading firms. Continuous vulnerability scanning and remediation.
Bug Bounty
Active bug bounty program with rewards up to $10,000 for critical vulnerabilities. Responsible disclosure policy.
Your data, your control
We believe you should have full control over your data. Here are our commitments:
- Customer data is never used for model training
- Data retention policies configurable per customer
- Right to deletion honored within 30 days
- Data processing agreements (DPA) available
- Sub-processors disclosed and audited
- Data residency options for EU customers
Request Security Documentation
Need our SOC 2 report, penetration test summary, or security questionnaire? We are happy to provide them.
Bug Bounty Program
Found a security vulnerability? We reward responsible disclosure with bounties up to $10,000.