Security & Compliance
GridAgent is built with security at its core. We protect your data with industry-leading practices and maintain compliance with major regulatory frameworks.
Security & Certifications
Encryption in Transit
All data transmitted between your browser and our servers is encrypted using TLS 1.3 with 256-bit encryption.
Encryption at Rest
All stored data is encrypted using AES-256 encryption. Database backups are also encrypted.
SOC 2 Certified Infrastructure
Our infrastructure providers (Vercel, Supabase, Railway) maintain SOC 2 Type II certification.
SOC 2 Type II
GridAgent is pursuing SOC 2 Type II certification. Audit in progress with expected completion Q2 2026.
GDPR Compliant
We comply with GDPR requirements including data minimization, right to erasure, and transparent data processing.
Data Processing Agreement
Enterprise customers can request a Data Processing Agreement (DPA) for regulatory compliance.
How We Handle Your Data
Your Data Never Trains Our Models
We do not use your queries, uploaded documents, or any interaction data to train AI models. Your data remains yours.
Minimal Data Retention
We only retain data necessary for service operation. Query history can be deleted at any time from your account settings.
No Third-Party Data Sharing
We never sell or share your data with third parties for marketing or advertising purposes.
Right to Deletion
You can request complete deletion of your account and all associated data at any time.
Trusted Infrastructure
GridAgent is built on enterprise-grade infrastructure providers that maintain the highest security standards.
Security Questions?
For security inquiries, vulnerability reports, or compliance documentation requests, please contact our security team.
security@gridagent.io