GDPR compliant. SSO/SCIM with Okta, Google, Azure AD. AES-256 at rest, TLS 1.3 in transit. Every AI employee gets its own isolated VM, its own audit log, and nothing your team didn't sign off on.
AES-256-GCM for everything we persist. TLS 1.3 on every hop. Short-lived credentials that never leave our control plane.
Every AI employee runs in its own firecracker microVM. No cross-tenant execution. No ambient credentials. No shared filesystem.
Every tool call, every file write, every external hit is logged with the agent identity, input, output, and cost. Stream it to your SIEM.
SSO with Okta, Azure AD, Google. SCIM provisioning. Role-based access on everything from a template to a tool invocation.
GDPR and CCPA compliant today. SOC 2 Type II in progress, ISO 27001 on the roadmap. Read our subprocessor list, pen-test summary, and DPA in the trust center.
EU data subject rights + DPA
California consumer privacy
Security, Availability, Confidentiality
Information security mgmt
Pick US, EU, or UK for storage and compute — your data never leaves the region.
Customer data is never used to train models. Full stop. Contractual in every plan.
Every subprocessor passes our security review. Full list published and versioned at the trust center.
Report at security@alfera.ai. 24h acknowledgement, 30d fix SLA on criticals.
Named incident commander, customer notification within 24h of confirmed breach.
Point-in-time restore for 30d, tested DR runbook, RPO 5min / RTO 1h on Enterprise.
No credit card required. Start with a template, connect your tools, and ship an agent before your next stand-up.