Autoscio is multi-tenant by design, which means isolation isn't a feature we bolted on — it's the assumption every query, upload, and AI call is built around.
Every Postgres query, every vector search, and every S3 object key is scoped to your organization. Retrieval that could cross tenants is treated as a critical bug, not an edge case.
API keys, WhatsApp tokens, and other credentials are encrypted at rest with AES-256-GCM — never stored in plaintext. All traffic between your browser, our API, and third-party providers runs over TLS.
Knowledge base folders can be double-locked behind a secondary PIN, so the AI agent — and anyone browsing your workspace — needs explicit access before it can read what’s inside.
Retrieval falls back to an empty context (no fabricated citations) when confidence is below threshold. Retrieved document content is treated as data, not instructions, so an uploaded file can’t hijack the assistant’s behavior.
Per-organization rate limits, provider-key circuit breakers, and per-customer abuse throttling keep one noisy tenant or one bad actor from degrading the platform for everyone else.
Role-based access (Super Admin / Org Owner / Agent) gated by JWT auth on every route. Object-level ownership is re-verified server-side before any file, folder, or conversation action — not just at the route level.
We build to SOC 2-aligned practices — tenant isolation, encryption at rest and in transit, least-privilege access, and audit logging of admin actions — but we are not yet formally SOC 2 or ISO 27001 certified. We'll update this page the moment that changes.
If your procurement process needs specifics beyond this page — a security questionnaire, a DPA, or details on a control above — email security@autoscio.appand we'll respond directly.
Third parties that may process data on your behalf, depending on which providers you configure for your workspace.
OpenAI, Anthropic, or Google Gemini — whichever you configure — process message text to generate replies and embeddings.
Stores uploaded knowledge base files under tenant-prefixed keys, via short-lived presigned URLs.
Delivers and receives WhatsApp messages for connected numbers; webhooks are signature-verified before processing.
Self-service deletion for individual configs, or a full account purge on request — processed within 48 hours.
Data deletion instructions →We take reports seriously and will acknowledge within one business day. Please report privately before any public disclosure.
security@autoscio.app →