Your data is safe with us.
Security is built into everything we do. Your data is encrypted, private, and never used to train any AI model. Here's how we protect it.
Certifications
Independently verified
SOC 2 Type II
Independently audited security and availability controls over a twelve-month observation period. Report available under NDA.
GDPR
GDPR-compliant data processing for European customers. Data processing agreements and configurable data residency available on request.
HIPAA-Ready
Our infrastructure supports HIPAA requirements. Business Associate Agreements available for healthcare organizations.
Security Controls
How we protect your data
Infrastructure Security
- All data encrypted when stored and when transmitted
- Hosted on SOC 2 Type II certified cloud infrastructure
- Network isolation with strict access controls
- Automated vulnerability scanning and patching
- DDoS protection at the edge
Access Control
- Role-based access control for all resources
- Multi-factor authentication for all internal access
- SSO/SAML available for enterprise customers
- Automated access provisioning and removal
- Privileged access management with session logging
Data Handling
- Your data is never used to train any AI model
- Complete data isolation between customers
- Configurable data retention and deletion
- Data residency options for EU customers
- Secure data export and portability on request
Operational Security
- 24/7 monitoring with automated alerting
- Documented incident response with defined timelines
- Regular security exercises and simulations
- Change management with peer review and rollback
- Background checks and security training for all staff
Shared Responsibility
Our commitment, your role
Security is a shared responsibility. We secure the platform; you manage your team's access and data policies.
What WebAir handles
- Infrastructure and platform security
- Encryption for all data
- Platform availability and disaster recovery
- Vulnerability management and patching
- SOC 2 audit maintenance
- Incident detection, response, and notification
What you manage
- User access and authentication settings
- Data retention and sharing preferences
- Appropriate use of connected tools
- Sensitive data classification
- Reporting suspected security issues
- Reviewing your compliance settings
Security questions?
Request our SOC 2 Type II report, discuss HIPAA setup, or report a security concern.
Contact Security TeamReady to try the only AI your business needs?
Start your 7-day free trial. Every model, every feature included.