Security & Trust
HOW YOUR DATA IS HANDLED
A plain-language overview for your security and procurement teams. Sending a questionnaire? Email askmikeai@gmail.com.
Encryption
Data is encrypted in transit (TLS) and at rest by our hosting and database providers.
Access control
Least-privilege access; production secrets stored in the platform's secret manager, not in code.
Data retention
We retain only what's needed to deliver the service and honor deletion requests. [Specifics to be finalized.]
Incident response
Security issues are triaged promptly; affected customers are notified. Report to askmikeai@gmail.com.
Availability
Target uptime and a named point of contact are defined in your SLA. [Target to be finalized.]
Data ownership
Your data is yours. It's used to deliver and improve your tool — never sold.
Subprocessors
The vendors that help deliver the service.
| Vendor | Purpose |
|---|---|
| Vercel | Application hosting & delivery (US regions) |
| Neon | Managed Postgres database |
| Stripe | Payments & billing (PCI-compliant) |
| Resend | Transactional email |
| Ollama Cloud | Hosted LLM inference for the AI assistant |
Compliance roadmap
SOC 2 is in progress. We don't claim certifications we don't hold. For your specific requirements (DPA, data residency, retention windows, pen-test summaries), reach out and we'll work through them.