Our commitment: We do not train our models on customer data and we use isolated processing environments for all operations.
At a Glance
Secure by Design
Built with security at every layer of our infrastructure
Regional Data Controls
Choose where your data resides with flexible deployment options
Always-on Uptime
Reliable infrastructure you can count on, 24/7
Compliance Certifications
GDPR
CompliantFull compliance with EU data protection regulations
ISO 27001
Auditing in ProgressExpected completion: January 2026
SOC 2 Type II
Auditing in ProgressExpected completion: January 2026
Our ISO 27001 and SOC 2 Type II certifications are currently undergoing formal auditing through Vanta.
Data Protection
We Don’t Train on Your Data
Your data is yours. Period.- Customer content (prompts, messages, documents, and data from integrated third-party services) is never used to train our AI models
- Operational data is collected solely for platform optimization, security, and service improvement
- Integration data from connected third-party services is processed but never used for training—we may track which services are connected and usage frequency, but not the substance of your data
Isolated Processing Environments
All task execution occurs in secure, sandboxed environments:- Temporary processing — Business data is processed only for the duration of your request
- Automatic deletion — Data is automatically purged upon task completion
- No cross-contamination — Each execution environment is isolated from others
Infrastructure Security
We enforce robust security measures across our entire infrastructure.Authentication & Access Control
Authentication & Access Control
- Unique account authentication — Every account requires secure, unique credentials
- Restricted production access — Production network access is strictly limited and monitored
- Encrypted access — All infrastructure access is encrypted end-to-end
- Multi-factor authentication — MFA supported for all accounts
Data Encryption
Data Encryption
- End-to-end encryption — Data encrypted in transit and at rest
- Secure API connections — All integration partners connect via secure, encrypted channels
- TLS/SSL — Industry-standard transport layer security for all communications
Network Security
Network Security
- Firewalls and intrusion detection — Continuous monitoring for threats
- DDoS protection — Built-in protection against distributed denial-of-service attacks
- Regular security audits — Ongoing assessments to identify and address vulnerabilities
Organizational Security
Security is embedded in how we operate as a company.- Comprehensive codes of conduct — Clear guidelines for all employees on security practices
- Security policies — Documented procedures for handling data and responding to incidents
- Device management — Company devices are managed with security controls and encryption
- Employee training — Regular training on data protection and security awareness
- Access controls — Personnel access to personal data is strictly limited on a need-to-know basis
Product Security
Every service we offer is built with security in mind.- Data encryption — All services utilize encryption for data at rest and in transit
- Regular self-assessments — Continuous security controls and testing
- Incident response procedures — Documented processes for rapid response to security events
- Secure development practices — Security is integrated into our development lifecycle
GDPR Compliance
We are fully committed to GDPR compliance and protecting the rights of data subjects.Your Rights
Under GDPR, you have the right to:| Right | Description |
|---|---|
| Access | Request a copy of your personal data |
| Rectification | Correct inaccurate personal data |
| Erasure | Request deletion of your personal data |
| Restriction | Limit how we process your data |
| Portability | Receive your data in a portable format |
| Object | Object to certain types of processing |
Data Transfers
For transfers of personal data outside the EU/EEA, we ensure adequate protection through:- Standard Contractual Clauses — Agreements approved by the European Commission
- Additional protective measures — Including pseudonymization, IP anonymization, and encryption
- Due diligence — Careful assessment of data recipients and their security practices
Our Roles
- Data Processor — When providing services on behalf of customers
- Data Controller — In specific situations such as job applications or customer support inquiries
Trust Center
For comprehensive information about our security practices, compliance status, and certification roadmap, visit our Trust Center.Visit Trust Center
Get detailed security documentation, compliance certificates, and real-time status updates.
Additional Resources
Privacy Policy
Read our full privacy policy for detailed information on how we handle your data.
Terms of Service
Review our terms of service and conditions.
API Status
Monitor real-time API status and uptime.
Contact Us
Have questions about security? Get in touch with our team.
Enterprise Options
For organizations with advanced security requirements, we offer:- Data Processing Agreements (DPA) — Custom agreements tailored to your compliance needs
- Private tenant deployments — Dedicated infrastructure for complete isolation
- Custom data residency — Choose specific regions for data storage and processing
- Enhanced SLAs — Guaranteed uptime and response times
Contact Sales
Interested in enterprise security options? Talk to our team about your requirements.