SHEET 01Security & ComplianceBRIEF

Enterprise-grade certifications & compliance

Assistents meets the most rigorous security and data protection standards, giving enterprise customers the confidence they need. Our multi-layered approach to compliance covers certifications, technical controls, AI governance, and continuous monitoring.

View security details Schedule security review

SOC 2 Type II
ISO 27001
GDPR Compliant
HIPAA Ready
SOC 3
CCPA Compliant

6Certifications and frameworks

256-bitAES encryption at rest

TLS 1.3Encryption in transit

90-dayAudit log retention

SHEET 02CertificationsCERT-01..06

Industry-leading certifications

Our platform holds the certifications enterprises require to meet regulatory and security obligations.

CERT-01Active

SOC 2 Type II

Independent audit of security, availability, and confidentiality controls. Annual recertification.

CERT-02Active

ISO 27001

International standard for information security management systems (ISMS).

CERT-03Active

GDPR Compliant

Full compliance with EU General Data Protection Regulation. Data processing agreements available.

CERT-04Active

HIPAA Ready

Technical safeguards for protected health information. BAA available for healthcare customers.

CERT-05Active

SOC 3

Public-facing trust report for service organizations.

CERT-06Active

CCPA Compliant

California Consumer Privacy Act compliance for US data subjects.

SHEET 03Technical ControlsDEFENSE-IN-DEPTH

Defense-in-depth data security

Every layer of assistents' infrastructure is designed with security as a first principle.

Our platform employs industry-standard encryption, access controls, and monitoring to protect your data. Every transmission is encrypted end-to-end. Data at rest uses the strongest available algorithms. Access is restricted through role-based controls and multi-factor authentication. All actions are logged and auditable.

We support customer-managed encryption keys, allowing you to maintain full control over encryption materials. Audit logs are retained for compliance periods and can be exported for forensic analysis. Single sign-on integrations reduce friction while strengthening identity security.

Technical controlsEnforced

AES-256 encryption at rest
TLS 1.3 in transit
Customer-managed encryption keys (BYOK)
Role-based access control (RBAC)
SSO via SAML 2.0 and OIDC
Multi-factor authentication
IP allowlisting
Audit logging with 90-day retention

SHEET 04AI GovernanceGOV-01..06

Responsible AI controls

Enterprise governance features built into every agent, ensuring security, fairness, and human oversight.

GOV-01

Model Governance

Control which AI models are used, set guardrails, monitor outputs

GOV-02

Data Isolation

Per-tenant data isolation, no cross-contamination, no training on customer data

GOV-03

Prompt Security

Input/output filtering, PII redaction, injection prevention

GOV-04

Audit Trail

Every agent action logged with user, timestamp, input, output, and decision rationale

GOV-05

Human-in-the-Loop

Configurable approval workflows for sensitive actions

GOV-06

Bias Monitoring

Continuous monitoring for output fairness and accuracy drift

SHEET 05DocumentationDOC-01..06

Compliance documentation & agreements

We provide the documentation your compliance, legal, and security teams need.

Documents register6 items

DOC-01Security whitepaper available on request
DOC-02Penetration test reports (annual, by third party)
DOC-03Data processing agreements (DPA)
DOC-04Business associate agreements (BAA) for HIPAA
DOC-05Sub-processor list
DOC-06Privacy policy and terms of service

Most documentation is available to existing customers through the admin portal. New customers and prospects can request documentation during the sales process or by contacting our security team.

SHEET 06Sign-offREADY

Security & compliance questions?

Our security team is ready to discuss your compliance requirements, review our controls, and provide documentation.

Talk to our security team View security & trust

Scope: Security and compliance
Controls: SOC 2 · ISO 27001 · GDPR · HIPAA
Review: Annual third-party audit
Sheet: 6 of 6 · Compliance