security

your agents run with your credentials, your data, and your integrations.
we treat that responsibility seriously.

how we protect your data

encrypted everywhere

all data encrypted in transit (TLS 1.2+) and at rest (AES-256). secrets use envelope encryption with key rotation.

isolated execution

agents run in sandboxed containers. minimal base images, non-root processes, no shared state between tenants.

audited access

every authentication, authorization, and data access event is logged. alerts fire on suspicious patterns automatically.

no training on your data

your inputs and outputs are yours. we don't use customer content to train models or share it with third parties.

compliance

PCI DSS

payment data never touches our servers. handled entirely by Stripe.

GDPR

data minimization, subject rights, documented sub-processors. see privacy policy.

HIPAA

technical safeguards in place. BAA available on request.

SOC 2

controls implemented, formal audit in progress.

report a vulnerability

found something? email [email protected]

we acknowledge within 48 hours and respond in detail within 7 days.

last updated: july 2026

we use cookies

we use cookies to ensure you get the best experience on our website. for more information on how we use cookies, please see our cookie policy.

by clicking "accept", you agree to our use of cookies.
learn more.