We take a multi-layered approach to security to ensure your data is protected.
<aside> ⚡
Summary: SOC2 Type II certification in progress.
</aside>
We're already implementing robust controls and are in the process of getting SOC2 certified by satisfying strict requirements like documented policies, access management protocols, encryption standards, and continuous monitoring systems. Our upcoming third-party audit will validate our security framework, with commitment to annual reassessments through SOC2 Type II audits.
<aside> ⚡
Summary: All data is pseudonymized.
</aside>
All device and personal identifiers are replaced by non-identifiable text strings using masking, table-based tokenization and one-way hashing, preventing us from directly linking any individuals or companies to the data we collect.
Here’s what it looks like:
| Method | Why we use it | Example |
|---|---|---|
| Masking | To hide emails, SSNs, ID numbers | [email protected] → [EMAIL_REMOVED] |
| Tokenization (table-based) | To anonymize names | John Doe → Hond Bru |
| Hashing | To prevent linking to individuals | John Doe → ds9wpas2a |
This way, our system can collect the metadata required to produce automation recommendations while maintaining strong privacy protections. Learn more about pseudonymization.
<aside> ⚡
Summary: All data is encrypted.
</aside>
Our desktop agent captures data and immediately encrypts it. It remains encrypted in transit to our database and at rest. We use the latest encryption protocols for this — TLS and RDS AES-256.
<aside> ⚡
Summary: You can set up various filters, 'blacklist' any applications you don't want to track or, conversely, only track those you ‘whitelist’.
</aside>