Security
Security Whitepaper
Enterprise-grade protection for your AI conversation data
Data Protection
Encryption and data handling procedures
Encryption at Rest
AES-256 encryption for all stored data
Encryption in Transit
TLS 1.3 for all data transmission
Data Privacy
Your data is never used to train AI models
Data Retention
Automated policies, user-controlled deletion
Data Sovereignty
You own your data. Export or delete anytime
Infrastructure Security
Cloud and application security measures
Hosting
Multi-region deployment on enterprise cloud infrastructure
DDoS Protection
Web Application Firewall (WAF) and DDoS mitigation
Network Isolation
Virtual Private Cloud (VPC) with network segmentation
Security Audits
Regular security assessments and penetration testing
OWASP Compliance
Following OWASP Top 10 security best practices
Compliance & Monitoring
Standards certification and security monitoring
SOC 2 Type II
Independently audited security controls
ISO 27001
Information security management system aligned
GDPR & CCPA
Compliant data processing and privacy controls
24/7 Monitoring
Automated threat detection and real-time alerting
Incident Response
24-hour response SLA with documented procedures
Business Continuity
Backup, recovery, and high availability
Automated Backups
Daily backups with cross-region replication
Point-in-Time Recovery
Restore data to any point within retention period
Uptime SLA
99.9% uptime guarantee with load balancing
Health Monitoring
Real-time system health checks and failover
Sub-processors & Partners
Trusted third-party service providers with DPAs
Cloud Infrastructure
Google Cloud Platform, Vercel
Database
Supabase (PostgreSQL)
Payment Processing
Stripe (PCI DSS compliant)
AI Processing
OpenAI API (SOC 2 certified)
Error Monitoring
Sentry
Legal & Compliance Documents
Policies and agreements