Trust center

Built with security and compliance from day one.

We handle pre-launch product intelligence - roadmaps, competitor analysis, internal Slack threads. That data deserves a security posture appropriate to its sensitivity.

01. Our commitments

Six things we promise, in writing.

We never train AI on your data

Your input goes to Google Gemini and OpenAI under API contracts that exclude inputs from training. We don't log input outside your generation row. BYOK lets you use your own keys.

30-day deletion SLA

Delete your workspace from Settings and your data is permanently erased within 30 days. Tax invoices are retained for 8 years per Indian Companies Act 128.

Encrypted at rest and in transit

TLS 1.2+ in transit. AES-256 at rest. Additional AES-256-GCM application-layer encryption for stored third-party credentials. Passwords are bcrypt-hashed.

Row-level security on every table

Postgres RLS policies ensure each user's queries only see rows they own. Service-role access is restricted to trusted server endpoints, never the client.

72-hour breach notification

We commit to notifying affected users and supervisory authorities within 72 hours of becoming aware of a personal data breach (DPDP 8(6), GDPR Art 33).

Hashed IPs, never raw

We never store raw IP addresses. SHA-256 hashes are kept for 90 days, for abuse prevention only, and then deleted.

Need a vendor security questionnaire?

We respond to CAIQ-Lite, SIG-Lite, and custom security questionnaires within 5 business days. A counter-signed DPA is available on request. Email us with your timeline and we'll align.