Security Overview

Encryption. We encrypt Customer Data in transit using TLS 1.2 or higher and at rest using AES-256 or equivalent encryption standards.

Access Control. We enforce logical isolation of customer data, role-based access controls, and least-privilege principles across all systems.

Backups. Intempt maintains data redundancy and infrastructure resilience controls appropriate to the Services. Where infrastructure-level copies of data exist, they are encrypted and isolated from active processing. Intempt does not maintain separate traditional customer data backups at this time. Infrastructure resilience is provided through cloud provider redundancy controls.

Monitoring. We maintain uptime monitoring and availability metrics for the Services. Security monitoring capabilities including SIEM integration and SOC-level coverage are on Intempt's security roadmap.

Secure Development. We follow a secure software development lifecycle (SDLC) that includes security reviews, dependency scanning, infrastructure hardening, and testing against the OWASP Top 10.

Incident Response. Intempt is implementing a formal incident response framework with defined escalation, containment, and remediation procedures. In the event of a confirmed security incident involving Customer Data, we will notify affected customers within seventy-two (72) hours of confirmation, where feasible. Our incident response programme is actively being built out in connection with our SOC 2 Type II certification project.

AI Data Protection. Intempt trains per-customer AI models exclusively within each customer's logically isolated tenant environment. Customer data is never used to train models serving other customers. Third-party AI subprocessors (OpenAI and Anthropic) are prohibited under commercial API terms from using Customer Data to train their own models.

SOC 2 Type II certification is a compliance priority with a target completion of Q1 2027. Multi-factor authentication (MFA) and single sign-on (SSO) are planned features on our product roadmap. These capabilities are not currently available and should not be relied upon as current security controls.

Email Security. Intempt uses Google Workspace with enhanced security features for internal communications, including inbound email screening and attachment controls.

Vulnerability Scanning. Intempt is implementing automated vulnerability scanning of its cloud infrastructure using AWS-native security tooling. Critical and high vulnerabilities identified will be remediated within defined timelines.

AI Model Security. Customer AI models are trained and stored within logically isolated per-customer environments. Access is restricted to authorized Intempt engineering personnel under least-privilege controls. Training pipelines are subject to Intempt's SDLC security review. Customer AI models are deleted within thirty (30) days of subscription termination.