[ Trust ]

Security is engineering.

How we protect customer data, operate infrastructure, and support enterprise deployments — with evidence, not slogans.

Transit
TLS 1.3

Encrypted by default

Compliance
SOC 2

Type II in progress

Pro uptime
99.9%

Target availability

Security
Report

security@idonai.com

[ Controls ]

Four pillars we operate on

Select a pillar for detail. These are production practices — not a marketing checklist.

[ In transit & at rest ]

Encryption

TLS 1.3 for all public endpoints. Stored data and backups encrypted at rest with managed keys. Secrets never land in logs.

  • TLS 1.3 everywhere
  • Encryption at rest
  • Key rotation

[ Documents ]

Policies you can read

[ Availability ]

Uptime & support targets

TierUptime targetSupportResponse
Pro99.9%Business hours email1 business day
Enterprise99.95%Dedicated channelCustom SLA

Targets, not guarantees, unless contracted. Status lives at /status.

[ Data practices ]

What happens to your content

01

Training data

Customer API content is not used to train public models by default. Enterprise agreements can harden this further.

02

Retention

Logs and request metadata follow plan settings. Enterprise customers can request custom retention windows.

03

Subprocessors

A limited set of providers for hosting, auth, and email. Current list available on request for enterprise.

[ Report a concern ]

Responsible disclosure

  1. 01

    Email security

    Write security@idonai.com with steps to reproduce.

  2. 02

    We triage

    We acknowledge and classify severity.

  3. 03

    We fix & notify

    Patch, verify, and update affected parties when required.

[ Enterprise ]

Need a security review packet?

We can share architecture overviews, DPA drafts, and subprocessors under NDA for qualified deployments.