Professional-Grade Security

Security at OzziOS

Your business handles sensitive customer data. We built OzziOS with security as a foundation, not an afterthought. Every layer of the platform is designed to keep your data safe.

Data Protection

Professional-grade security

GDPR Ready

Data privacy by design

99.9% Uptime

Guaranteed SLA

End-to-End Encryption

AES-256 at rest & in transit

How we protect your data

From encryption to compliance, every aspect of our platform is built to meet the highest security standards.

Data Encryption

All data is encrypted at rest using AES-256 and in transit using TLS 1.3. API keys and credentials are stored in isolated, encrypted vaults and never exposed in logs or error messages.

  • AES-256 encryption at rest for all stored data
  • TLS 1.3 enforced for all connections
  • Credential isolation with encrypted vault storage
  • Automatic key rotation on a regular schedule

Access Controls

Multi-layered access control ensures the right people have the right permissions. Every API call is authenticated and authorized against workspace-scoped policies.

  • Role-based access control (RBAC) per workspace
  • Multi-factor authentication via Clerk
  • Workspace-scoped data isolation — no cross-tenant access
  • Audit logging for all administrative actions

Infrastructure

Built on professional-grade infrastructure with automatic scaling, redundancy, and geographic distribution. Continuous monitoring detects and responds to threats in real time.

  • Convex serverless backend with automatic scaling
  • Cloudflare edge network for DDoS protection
  • Automated backups with point-in-time recovery
  • Real-time monitoring and anomaly detection via Sentry

Compliance & Privacy

We take a privacy-first approach to data handling. Your customer data belongs to you. We process it only as instructed and never sell or share it with third parties.

  • GDPR-compliant data processing agreements
  • Right to data portability and deletion
  • Regular third-party security assessments
  • Transparent data retention and processing policies

AI Safety & Transparency

AI agents operate within strictly defined boundaries. Every tool call is logged, every action is auditable, and agents cannot access data outside their assigned workspace.

  • Agent actions scoped to workspace permissions
  • Full tool call logging with execution traces
  • No training on your data — your data stays yours
  • Human-in-the-loop controls for sensitive operations

Questions about security?

Our team is happy to discuss our security practices, provide compliance documentation, or answer any questions.

Contact our team
256-bit EncryptionGDPR Ready99.9% Uptime SLA