Security at EndrickAI
Your security is our top priority. Learn about the comprehensive measures we take to protect your data and ensure privacy.
Enterprise-Grade Security Features
End-to-End Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
Row-Level Security
Advanced access controls ensure users can only access their own data, enforced at the database level.
Multi-Factor Authentication
Optional 2FA support for enhanced account security using TOTP or SMS verification.
Security Monitoring
24/7 monitoring for suspicious activities with automated threat detection and response.
Zero-Knowledge Architecture
We cannot access your encrypted data. Only you have the keys to decrypt your information.
Regular Security Audits
Third-party security audits conducted quarterly to ensure the highest security standards.
Compliance & Certifications
| Standard | Description | Status |
|---|---|---|
| SOC 2 Type II | Audited for security, availability, and confidentiality | Compliant |
| GDPR | EU General Data Protection Regulation | Compliant |
| CCPA | California Consumer Privacy Act | Compliant |
| ISO 27001 | Information security management | In Progress |
| HIPAA | Health Insurance Portability and Accountability Act | Available on Enterprise |
Need specific compliance information? Contact our team
Our Security Practices
Infrastructure Security
- All servers hosted in SOC 2 compliant data centers
- Network isolation and firewall protection
- DDoS protection and mitigation
- Regular security patches and updates
- Automated vulnerability scanning
Application Security
- Secure coding practices and code reviews
- Input validation and sanitization
- Protection against OWASP Top 10 vulnerabilities
- Regular penetration testing
- Bug bounty program for security researchers
Data Protection
- Data encryption at rest and in transit
- Secure key management systems
- Regular encrypted backups
- Data retention and deletion policies
- Anonymization of sensitive data
Access Control
- Role-based access control (RBAC)
- Principle of least privilege
- Regular access reviews
- Session management and timeout
- IP allowlisting for enterprise accounts
Your Data, Your Control
Data Ownership
You retain full ownership of all data you upload or create within EndrickAI. We never use your data for training our models or share it with third parties without your explicit consent.
Data Deletion
You can delete your data at any time. When you delete data, it's immediately removed from our active systems and permanently erased from backups within 30 days.
Data Portability
Export your data anytime in standard formats. We support bulk exports and provide tools to help you migrate your data if needed.
Questions About Security?
Our security team is here to help with any questions or concerns.