security
your agents run with your credentials, your data, and your integrations.
we treat that responsibility seriously.
how we protect your data
encrypted everywhere
all data encrypted in transit (TLS 1.2+) and at rest (AES-256). secrets use envelope encryption with key rotation.
isolated execution
agents run in sandboxed containers. minimal base images, non-root processes, no shared state between tenants.
audited access
every authentication, authorization, and data access event is logged. alerts fire on suspicious patterns automatically.
no training on your data
your inputs and outputs are yours. we don't use customer content to train models or share it with third parties.
compliance
PCI DSS
payment data never touches our servers. handled entirely by Stripe.
GDPR
data minimization, subject rights, documented sub-processors. see privacy policy.
HIPAA
technical safeguards in place. BAA available on request.
SOC 2
controls implemented, formal audit in progress.
report a vulnerability
found something? email [email protected]
we acknowledge within 48 hours and respond in detail within 7 days.
last updated: july 2026
we use cookies
we use cookies to ensure you get the best experience on our website. for more information on how we use cookies, please see our cookie policy.
by clicking "accept", you agree to our use of cookies.
learn more.