Learn our approach to building reliable and secure AI and employee platforms — including our commitment to security, data handling, privacy, and compliance.
Don't take our word for it
We prioritize compliance with global privacy and security standards.
SOC 2 Type 1
Security, confidentiality, availability, and privacy trust services criteria
CSA Star Level 1
Enhanced security controls for cloud applications and service providers
Coming Soon: ISO 27001
Global standard for information security management systems
Coming Soon: SOC 2 Type 2
Security, confidentiality, availability, and privacy trust services criteria
We leverage best practices across company policies to ensure you can rest easy with your information
Data security
Data Security Measures: Data encryption techniques both in transit and at rest to safeguard your data from unauthorized access.
Data Backup and Recovery: Regular backups of your data are performed to ensure its availability and protection against unexpected events.
Vulnerability Management: Our dedicated security team conducts regular assessments and penetration testing to identify and address potential security vulnerabilities.
Secure User Authentication: We enforce strong password policies and support multi-factor authentication (MFA) to enhance user authentication security.
Application security
Secure Development: Rigorous code reviews, testing, and adherence to secure coding practices to minimize the risk of introducing security vulnerabilities.
Real-time Security Monitoring: Advanced monitoring tools are employed to detect and respond to suspicious activities or potential security incidents promptly.
API and Integration Security: APIs and integrations are designed with security in mind, employing secure protocols and robust access controls.
User Privacy Protection: Data anonymization and pseudonymization to minimize the risk of identifying personal information within the data.
Infrastructure security
Network Security: Firewalls, intrusion detection systems (IDS), and network segmentation within our infrastructure to safeguard against unauthorized access.
Cloud Security: With Amazon Web Services (AWS) and Microsoft Azure, we benefit from their robust security measures and leverage their secure cloud infrastructure.
Incident Response and Business Continuity: A dedicated incident response team trained to handle security incidents promptly with business continuity plans.
Physical Security Measures: AWS data centers adhere to stringent physical security controls, including access controls, surveillance systems, and environmental controls.
Personnel security
Employee Security Awareness: Regular security training and education programs are provided to our employees, enhancing their awareness of potential threats.
Access Control and Monitoring: We enforce strong access controls, ensuring employees have access only to the systems and data necessary for their roles.
Background Checks: Thorough background checks are conducted during the hiring process to verify the identity and integrity of potential employees.
Confidentiality Agreements: Non-disclosure agreements (NDAs) are in place to protect the confidentiality of sensitive information that employees may encounter.
Policy security
Proactive Security Measures: Continuous monitoring, proactive threat intelligence, and regular security risk assessments enable us to identify and address threats.
Adaptive Security Practices: Security incident analysis and lessons learned are utilized to continually improve our security practices and mitigate similar incidents in the future.
Transparent Security Policies: We maintain up-to-date security documentation and foster transparency by providing stakeholders with information about our practices.
Collaborative Security Culture: Security awareness training and cross-functional security teams promote a culture of security, encouraging employees to report concerns.
Need to talk to us?
Please use one of the options below to get in touch with our security team
Responsible disclosure
We are committed to working with researchers to verify, reproduce and respond to legitimate reported security vulnerabilities.