Security at the Core
Your data is protected by enterprise-grade security practices. We follow industry-standard protocols for data protection, encryption, and compliance across all our systems.
Our Security Commitment
We're building security-first, following enterprise-grade industry standards
Data Protection
AES-256 encryption, secure data centers, multi-region redundancy
Privacy Standards
GDPR, HIPAA, CCPA compliance in our roadmap
Access Control
Role-based controls, audit logging, zero-trust architecture
Data Governance
Clear data lifecycle management and deletion controls
We're leveraging Google Cloud infrastructure to deliver enterprise-grade security while building our platform. Learn more about our infrastructure
Security Features
Multi-layered protection for your data
Encryption
Industry-standard encryption for your data
- ✓ AES-256 encryption at rest
- ✓ TLS 1.2+ in transit
- ✓ Customer-managed keys (CMEK)
Access Control
Fine-grained permission management
- ✓ Role-based access control (RBAC)
- ✓ Zero-trust architecture
- ✓ OAuth 2.0 & SAML support
Audit & Logging
Complete visibility into system activity
- ✓ Comprehensive activity logs
- ✓ User access tracking
- ✓ Change history & audit trails
Monitoring & Response
24/7 security monitoring & incident response
- ✓ 24/7 security monitoring
- ✓ Incident response plan
- ✓ Real-time alerts
How We Handle Your Data
Transparency in every step of our data lifecycle
1 Data Collection
We only collect data necessary for Nexus search and Forge automation. You control which integrations are connected and what data is accessible.
- ✓ Minimal data collection principle
- ✓ Clear consent for each integration
- ✓ Granular permission controls
2 Data Storage
All data is encrypted at rest with AES-256. Stored in isolated, access-controlled environments with comprehensive audit logging.
- ✓ Encrypted databases and file storage
- ✓ Multi-region redundancy
- ✓ Choose your data region
3 Data Processing
Data is processed in secure, isolated environments. Nexus indexes content for search; Forge runs automation workflows. AI models run on-premises in secure containers.
- ✓ Isolated processing environments
- ✓ No human access without authorization
- ✓ Comprehensive activity logs
4 Data Deletion
Disconnect any integration to stop data sync immediately. Request full deletion and we'll purge all data within 30 days, including backups.
- ✓ Instant sync termination
- ✓ Complete data deletion within 30 days
- ✓ Deletion confirmation provided
Security Resources
Transparency about our security practices and infrastructure
Security FAQs
Common questions about our security practices
Your data is stored in secure, enterprise-grade data centers powered by Google Cloud. We offer data residency options in the US, EU, and APAC regions. You can choose your preferred region during setup.
Only authorized personnel with legitimate business needs can access customer data, and only with your explicit permission for support purposes. All access is logged and monitored. We never train AI models on your data.
We have a documented incident response plan with 24/7 monitoring. In the unlikely event of a security incident, we'll notify affected customers within 72 hours and provide detailed remediation plans.
Yes! Enterprise customers can use customer-managed encryption keys (CMEK) for an additional layer of security. You maintain full control over your encryption keys.
If you discover a security vulnerability, please report it responsibly to support@stumpmic.com. We take all security concerns seriously and will respond promptly to legitimate reports.
Questions About Security?
Our security team is here to help answer your questions
Email: support@stumpmic.com | Report vulnerabilities responsibly