Security Policy

Our infrastructure is designed to protect user conversations with robust security measures:

• SOC 2 Type II certified data centers with 24/7 physical security
• Redundant systems and encrypted backups to ensure data availability
• Continuous monitoring for threats and vulnerabilities
• Regular penetration testing to identify and fix security gaps

We prioritize the security of your conversations and personal data:

• TLS 1.3 encryption for all data transmitted between you and our servers
• AES-256 encryption for data stored on our systems
• Timely application of security patches and updates
• Strict access controls and multi-factor authentication for our team
• Isolation of user data to prevent unauthorized access

Your interactions with our AI are safeguarded through:

• Rate limiting to protect against abuse and denial-of-service attacks
• Input validation to prevent malicious content
• Anonymous handling of conversation data where possible

We adhere to global privacy and security standards:

• SOC 2 Type II certification
• GDPR compliance for users in the European Union
• CCPA compliance for residents of California
• Regular audits to maintain certification standards

Our response to security incidents is proactive and transparent:

• 24/7 monitoring with real-time alerts
• Well-defined incident response and recovery procedures
• Timely notification to affected users
• Thorough post-incident analysis and improvement reports
• Ongoing training for our security team

We encourage users to enhance their security:

• Avoid sharing sensitive personal information in chats
• Monitor account activity and report suspicious behavior