Security & Trust

Your data, locked down by default

Autoscio is multi-tenant by design, which means isolation isn't a feature we bolted on — it's the assumption every query, upload, and AI call is built around.

Tenant isolation, enforced at every layer

Every Postgres query, every vector search, and every S3 object key is scoped to your organization. Retrieval that could cross tenants is treated as a critical bug, not an edge case.

Encryption everywhere it matters

API keys, WhatsApp tokens, and other credentials are encrypted at rest with AES-256-GCM — never stored in plaintext. All traffic between your browser, our API, and third-party providers runs over TLS.

PIN-locked sensitive folders

Knowledge base folders can be double-locked behind a secondary PIN, so the AI agent — and anyone browsing your workspace — needs explicit access before it can read what’s inside.

AI answers are grounded, not improvised

Retrieval falls back to an empty context (no fabricated citations) when confidence is below threshold. Retrieved document content is treated as data, not instructions, so an uploaded file can’t hijack the assistant’s behavior.

Abuse and overload protection

Per-organization rate limits, provider-key circuit breakers, and per-customer abuse throttling keep one noisy tenant or one bad actor from degrading the platform for everyone else.

Least-privilege access control

Role-based access (Super Admin / Org Owner / Agent) gated by JWT auth on every route. Object-level ownership is re-verified server-side before any file, folder, or conversation action — not just at the route level.

Compliance posture

Where we are, plainly stated

We build to SOC 2-aligned practices — tenant isolation, encryption at rest and in transit, least-privilege access, and audit logging of admin actions — but we are not yet formally SOC 2 or ISO 27001 certified. We'll update this page the moment that changes.

If your procurement process needs specifics beyond this page — a security questionnaire, a DPA, or details on a control above — email security@autoscio.appand we'll respond directly.

Sub-processors

Third parties that may process data on your behalf, depending on which providers you configure for your workspace.

AI model providers

OpenAI, Anthropic, or Google Gemini — whichever you configure — process message text to generate replies and embeddings.

AWS S3

Stores uploaded knowledge base files under tenant-prefixed keys, via short-lived presigned URLs.

Meta / WhatsApp Cloud API

Delivers and receives WhatsApp messages for connected numbers; webhooks are signature-verified before processing.

Delete your data, anytime

Self-service deletion for individual configs, or a full account purge on request — processed within 48 hours.

Data deletion instructions →

Found a vulnerability?

We take reports seriously and will acknowledge within one business day. Please report privately before any public disclosure.

security@autoscio.app →