Security.
TLS 1.3+. AES-256-GCM. SOC 2 Type II in observation.
Posture
- SOC 2 Type II in observation (started 2026-04-20, target report ~2026-10-20)
- All production traffic uses TLS 1.3+
- Data at rest encrypted with AES-256 (Supabase Postgres, AWS S3)
- Secrets stored in Railway vault + AWS KMS; rotated on incident and annually
- Annual penetration test (next: 2026-10)
Sub-processors
| Sub-processor | Purpose | Data | Region |
|---|---|---|---|
| Supabase | Auth, Postgres | PII, audit_event, team_member | us-east-1 |
| Railway | Redis, application hosting | Transient queue state | us-west2 / us-east-1 |
| Fly.io | Managed workers (Enterprise) | Customer compute | Multi-region |
| Stripe | Billing | customer_id, invoice | US |
| Anthropic | Brand-tone LLM judge | Outbound payload samples | US |
| Slack | Approval callbacks | Approval metadata | US |
| AWS | S3 staging (audit export) | Parquet exports | us-east-1 |
| Sentry | Error tracking | Stack traces, user_id | US |
Data handling
- Encryption at rest
  - AES-256-GCM for customer secrets (webhook, callback, mTLS CA) and audit-export credentials.
- Encryption in transit
  - TLS 1.3+ on all connections.
- Retention
  - Plan-based: Hobby 7 days, Pro 30 days, Team 90 days, Enterprise 365 days+.
- PII redaction
  - Applied before the worker receives a payload. See the Guardrail Engine docs.
Incident response
We disclose confirmed breaches affecting customer data within 24 hours of confirmation.
Contact: [email protected]
Found a vulnerability? Email [email protected] with a description. We acknowledge reports within 24 hours and remediate critical issues within 7 days.