Compliance
No training on your data, ever.
We have contractual agreements with our AI subprocessors that prohibit the use of customer data to train their models.
SOC2 (Type1) compliance
Report is available here.
WorkflowAI is SOC2 Type1 compliant, ensuring that our platform meets rigorous security and compliance standards. This certification verifies the design and implementation of our security controls at a specific point in time, covering the following principles:
- Security: Protecting against unauthorized access (both physical and logical).
- Availability: Ensuring that the system is available for operation and use as committed.
- Processing Integrity: Guaranteeing that system processing is complete, valid, accurate, timely, and authorized.
- Confidentiality: Maintaining the confidentiality of information as committed or agreed.
- Privacy: Protecting personal information according to the commitments in the privacy notice.
Achieving SOC2 Type1 compliance demonstrates our commitment to maintaining the highest standards of security and operational excellence, providing our users with confidence in the integrity and reliability of our services.
Frequently asked questions
Self-hosting for maximum control
For organizations with particularly strict compliance, data residency, or security requirements, we recommend considering the self-hosted version of WorkflowAI. Self-hosting provides maximum control over your data environment. You can find information on setting up self-hosting in our GitHub repository.
Self-Hosting Guide
Learn how to deploy WorkflowAI in your own environment for maximum control and compliance.
If you have specific compliance questions or requirements (such as HIPAA, GDPR, data retention, etc.) not addressed here, please contact us at team@workflowai.support
How is this guide?