Security & Compliance
Your data security is our top priority. Learn about the measures we take to protect your information.
Data Encryption
All data is encrypted at rest using AES-256 and in transit using TLS 1.3. OAuth tokens and sensitive credentials are encrypted with Fernet (AES-128-CBC) before storage.
GDPR Compliance
We are fully compliant with the General Data Protection Regulation (GDPR). Users can export, modify, or delete their personal data at any time through our self-service GDPR tools.
SOC 2 Ready
Our infrastructure and processes are designed to meet SOC 2 Type II standards for security, availability, and confidentiality. We continuously monitor and improve our security controls.
Infrastructure Security
Hosted on enterprise-grade cloud infrastructure with automatic scaling, redundancy, and a 99.9% uptime SLA. All servers are in SOC 2-certified data centers with 24/7 physical security.
Access Control
Role-based access control (RBAC) with multi-tenant isolation ensures users only access their own data. Two-factor authentication (2FA) via TOTP is available for all accounts.
Data Retention
We retain your data only as long as your account is active. Upon account deletion, all personal data is permanently removed within 30 days, with analytics data anonymized for aggregate insights.
Vulnerability Reporting
We welcome responsible security disclosures. If you discover a vulnerability, please report it to security@aibrify.com. We aim to acknowledge reports within 24 hours and resolve critical issues within 72 hours.
OAuth & API Security
All API endpoints are authenticated via JWTs with short expiration. OAuth integrations use the principle of least privilege, requesting only necessary platform permissions.
For security-related inquiries, contact security@aibrify.com