How we protect what you upload.

Standard

Scope

Status

When

HIPAA BAA

Business Associate Agreement for protected health information. Available on Enterprise tier — not auto-applied to lower tiers.

Today

SOC 2 Type I

Trust-services criteria point-in-time review of security, availability, and confidentiality controls.

Q2 2026

SOC 2 Type II

Continuous-operation attestation of the same controls over a 6-month observation window. Following directly behind Type I.

Q4 2026

CCPA / CPRA

California Consumer Privacy Act + Privacy Rights Act compliance. Honored across all tiers — DSR (data subject request) form at /privacy.

Today

ISO 27001

Information security management system certification. Tracked behind SOC 2 for enterprise procurement outside the US.

2027

GDPR (EU residents)

Article 28 data-processing terms available on request. EU data residency is roadmap — primary storage is US-only today.

2027

Encryption at rest

AES-256 across the entire stack — uploaded documents (Vercel Blob, server-side encryption with AWS KMS keys), the operational database (Neon-managed Postgres with native encryption), backups, and analytics warehouses. No customer data lands on disk unencrypted.

Encryption in transit

TLS 1.2+ on every connection, HSTS preloaded on vvon.ai. Strict CSP and frame-ancestors locks at the edge. Internal service-to-service traffic runs over TLS as well — analytics, fonts, vendor SDKs all served over TLS, no mixed-content paths.

Role-based access control (RBAC)

Every customer record is scoped to an organization. Authorization is enforced server-side on every action — no client-side trust of organization membership. Production application access is least-privilege; no engineer has standing production database credentials.

SSO / SAML / SCIM

SAML 2.0 single sign-on and SCIM user provisioning available on the Enterprise tier through Clerk Enterprise. Pro and Solo tiers ship with email-password authentication plus Clerk-managed MFA (TOTP / WebAuthn). Identity provider connectors include Okta, Google Workspace, Microsoft Entra ID, and any SAML 2.0-compliant IdP.

Multi-factor authentication

TOTP and WebAuthn supported on every tier through Clerk. Enterprise customers can enforce MFA org-wide as a policy. Recovery codes issued on enrollment, hardware-key (YubiKey, Titan) compatible via WebAuthn.

Audit logging

Every privileged action — sign-in, document upload, model invocation, role change, billing event — is written to an append-only audit log with timestamp, actor, target object, IP, and user agent. AI calls additionally write one ComplianceGuard row per attempt (pass, fail, retry) for replayability. Logs retained 13 months; Enterprise exports available on request.

Data retention & deletion

Customer-initiated deletion removes data within 30 days from primary storage and 90 days from backups. After subscription cancellation, audits remain readable for 90 days (downloadable as PDF/CSV the entire time), then hard-deleted. Enterprise tier supports custom retention windows (7 / 30 / 90 / 365 days). Logical deletion is immediate; cryptographic deletion (key revocation) on the Enterprise SLA.

Backups & disaster recovery

Daily full backups, point-in-time recovery for 7 days on the operational database. Cross-region replication for primary storage. RTO 4 hours, RPO 1 hour for the application surface. Tested quarterly via restore drills; results documented internally for the SOC 2 control set.

AI processing & model training

Inference runs on the Anthropic API under no-training data-handling terms — your uploads are NOT used to retrain public foundation models. Per Anthropic's commercial terms, prompts and completions from VVON are excluded from foundation-model training. Every model call wrapped in ComplianceGuard with versioned, replayable prompts and outputs. Anonymized aggregate statistics may inform product research with explicit opt-out on Enterprise.

Data residency

Primary storage is US-only (AWS us-west-2 + us-east-1). EU residency on the GDPR roadmap line above. No customer data leaves the US without explicit customer opt-in. Data localization clauses (Canada, UK, Australia) handled per-customer on Enterprise.

Subprocessors

Anthropic (inference), AWS (storage + compute, us-west-2 / us-east-1), Vercel (edge hosting), Stripe (payments), Clerk (auth + SSO). Full subprocessor list with regions and DPAs available on request via security@vvon.ai. Customers are notified at least 30 days before a material subprocessor change.

Penetration testing

Annual third-party penetration test (next: Q1 2027) plus a pre-release test before any major surface ships. Critical and high findings remediated before public release; full report shared under NDA with Enterprise customers on request. Internal continuous security scanning via Drata and Vercel Security.

Operational security

Production secrets scoped per environment in Vercel; no engineer has standing production DB credentials. All deployments traced to a git commit and a Vercel build hash. Rate-limited at the application layer to defend against anonymous abuse; per-tier budgets defined in code. Code review required on every change to a security-sensitive surface.

Vulnerability disclosure

security@vvon.ai for responsible disclosure. We acknowledge within 1 business day and provide a meaningful update within 5. Critical findings are patched within 7 days; high-severity within 30. No bug-bounty program yet — until that exists we will publicly credit any researcher who reports in good faith and asks to be named.