We are SOC 2 Type II compliant, with our latest audit currently under review. We ensure the highest level of data protection, confidentiality and operational integrity.
Data is encrypted using industry standards both at rest (AES-256) and in transit (TLS). API keys are encrypted at the application level prior to being stored in our database.
We use Stripe, a PCI Service Provider Level 1, for secure payment processing and subscription management. We do not store any personal credit card information.
We use role-based access control (RBAC) to restrict access at the lowest level using database roles and permissions, ensuring that only authorized users have access to specific areas of the platform.
We maintain comprehensive audit logs of all user activity on the platform. These logs enable us to monitor for suspicious behavior and thoroughly investigate any potential security incidents.
We use advanced security monitoring tools to detect and respond to potential security incidents in real-time, allowing us to identify and mitigate threats before they can cause any harm.
We are fully committed to safeguarding the privacy of our users' data. Our AI models are not trained on your data, keeping it private.
We have a comprehensive incident response plan designed to handle security incidents promptly through identification, containment, and remediation.