Enterprise-Grade Security
We implement comprehensive security protocols, including:
- End-to-end encryption: AES-256 for data at rest and TLS 1.2+ for data in transit
- SSO + MFA: Microsoft 365 single sign-on with optional multi-factor authentication
- Role-based access control (RBAC) with audit logs
- SOC-2 Type II certified with report available under NDA
- Annual third-party penetration tests and static analysis on every deploy
- Daily dependency updates to address known vulnerabilities
- US-only infrastructure: All servers and data hosted exclusively in the United States
LLM Provider Security
Pincites works exclusively with AI providers that maintain rigorous data protection standards:
- OpenAI: Zero-data retention with no model training on API inputs (API Data Usage Policies)
- Anthropic: Zero-data retention with no model training on API inputs (Acceptable Use Policy)
- Google Gemini: Dedicated API service with no model training on customer data (API Terms)
- Cohere: No model training on customer data (Terms of Use)
Infrastructure Security
- GCP hosting with strict network segmentation and physical safeguards
- All customer data encrypted and stored in the US
- Redundant infrastructure to ensure uptime and high availability
- RTO/RPO tested regularly
Incident Response
- 24/7 monitoring
- Documented response plan tested regularly
- SLA-backed breach notification timelines
- Clear escalation paths in case of detected threats
Vendor Risk Management
- All vendors assessed using a formal security review process
- Contractual data protection terms for all subprocessors
- Access reviewed regularly to maintain compliance
Security Expertise
- Security team includes former GitHub security product lead
- All engineers receive mandatory security training
- Contact security@pincites.com for any concerns or disclosures