Security
Enterprise security.
Without the enterprise NDA.
Per-tenant data isolation. AES-256-GCM at rest. EU hosting. GDPR + DPA. SOC 2 in progress. Bug bounty up to €5,000.
- ✓ GDPR · Compliant
- ✓ DPA · Available
- ✓ ISO 27001 · Q4 2026
- ✓ SOC 2 Type II · Q3 2026
- ✓ HIPAA BAA · Available (Business)
- ✓ EU Data Residency · Default
Defense in depth
Four layers.
Built into the platform. Documented for your audit. Tested by us and externally.
🔐
Encryption
- ✓ AES-256-GCM at rest for sensitive fields (API keys, OAuth tokens)
- ✓ TLS 1.2+ for all connections, HSTS preload list
- ✓ Encrypted backups, separate keys, off-site (Hetzner Storage Box)
👤
Access control
- ✓ Per-tenant data isolation: own database rows + Pinecone namespace
- ✓ Role-based access (owner / admin / editor / viewer)
- ✓ SSO (SAML / OAuth) available on Business plan
- ✓ Audit log of all admin actions, exportable
🏰
Infrastructure
- ✓ Hosted on Hetzner (Germany, EU)
- ✓ Per-process isolation via systemd and PM2
- ✓ Database backups: daily, 7-day rolling + monthly archives
- ✓ DDoS protection at edge
📊
Monitoring
- ✓ 24/7 uptime monitoring via UptimeRobot
- ✓ Application logs aggregated and searched
- ✓ Anomaly detection on auth flows
- ✓ Incident response: engineer engaged in under 60 minutes
Found a vulnerability?
We pay for finding holes.
Responsible disclosure honored with public credit, swag, and bug bounties up to €5,000 for critical findings. PGP encryption available on request.
support@globalchatbot.ai
Built secure by default.
14-day trial. Enterprise security on every plan. No NDA required.
14 days · no card · cancel anytime