Infrastructure
- Encryption in transit and at rest
- Restricted production access
- Network segmentation where applicable
Controls
High-level security themes: isolation between customers, encryption, access control, logging, and vendor management.
Organization
- Asset and access reviews
- Documented security responsibilities
- Onboarding and offboarding for systems access
Product
- Tenant-scoped data access
- Security testing
- Change management for production
Data and privacy
- Data deletion on contract end where applicable
- Subprocessor transparency
- Privacy requests via privacy@auvy.ai
Summary
| Area | Summary |
|---|---|
| Isolation | Customer data is scoped by workspace; access follows authenticated session context. |
| Encryption | TLS for data in transit; provider-managed encryption at rest for primary data stores. |
| Access | Least-privilege access to production; MFA for privileged accounts. |
| Logging | Security-relevant actions logged for audit and incident response. |
| Availability | Backups and recovery practices aligned with service needs. |
| Vendors | Subprocessors listed on this site; agreements and DPAs where required. |