Security & Privacy
Our security practices, data handling, and compliance certifications.
4 min read5,100 viewsUpdated 2026-02-09
Encryption
All data is encrypted at rest and in transit:
| Layer | Method |
|---|---|
| At rest | AES-256 |
| In transit | TLS 1.3 |
| Database | Per-workspace encryption keys |
| Backups | AES-256, stored in separate region |
Agent conversations and task data are stored in isolated, encrypted databases per workspace. No cross-workspace data access is possible.
Compliance
Botonom maintains the following certifications:
- ✅ SOC 2 Type II — annually audited
- ✅ GDPR compliant — EU data processing
- ✅ ISO 27001 — information security management
- 🔜 HIPAA — expected Q3 2026
Data processing agreements (DPAs) are available for enterprise customers.
Request a copy of our SOC 2 report or DPA by contacting security@botonom.com.
securityprivacycompliance
Was this helpful?
More questions? Contact support