Security

Security is a product, not an add-on.

Synlumex AI is built security-first. Encryption, access controls, tenant isolation, and privacy-by-design are core features across every product in the suite.

Encryption in transit and at rest

All traffic is encrypted with TLS 1.2+ and modern cipher suites. Customer data is encrypted at rest with AES-256 across databases, object storage, and backups.

Access controls

Role-based access controls scope every action to workspaces, teams, and roles. Enterprise workspaces support SSO (SAML 2.0, OIDC), enforced 2FA, and audit logs.

Compliance posture

Practices aligned to SOC 2 and GDPR-style privacy principles. Compliance program under active development, with formal reports available on request under NDA.

Tenant isolation

Customer data is logically isolated per workspace. Data is never used to train foundational AI models, and never mixed across tenants for retrieval or evaluation.

Infrastructure

Hosted on hardened cloud infrastructure with segmented networks, least-privilege engineering access, secrets management, and continuous monitoring.

Incident response

24/7 monitoring across the platform. Documented incident response process, on-call rotation, and customer notification within contractual SLAs.

Data retention

Customer content is retained per your workspace configuration. On account termination, data is deleted or returned within a reasonable period per contract.

Subprocessors

A short list of vetted subprocessors supports the platform — cloud infrastructure, email delivery, error monitoring, and payment processing. Available on request.

Vulnerability disclosure

Report a security issue.

Found a security issue in a Synlumex AI product? We take reports seriously. Please email security@synlumexai.com with details and reproduction steps. We commit to acknowledging reports within two business days.