Security & Compliance
Enterprise-Grade Security
Your business data deserves the highest level of protection. Alexia.ai is built with security at every layer, so your IT and security teams can trust us with confidence.
Certifications & Compliance
ISO 27001Coming June 2026
SOC 2 Type IIComing June 2026
GDPRActive
Australian Privacy Principles (APP)Active
Alexia.ai is committed to meeting the highest compliance standards. We are actively pursuing ISO 27001 and SOC 2 Type II certifications, with completion targeted for June 2026. We are fully compliant with GDPR and the Australian Privacy Principles (APP).
Encryption
AES-256-GCM encryption for all data at rest
TLS 1.3 encryption for all data in transit
End-to-end encryption for sensitive data flows
Industry-standard key management with regular rotation and strict access controls
Infrastructure
Hosted on Microsoft Azure with enterprise-grade reliability
Data residency options available in Australia, United States, and European Union
High availability architecture with automatic failover
Regular automated backups and comprehensive disaster recovery procedures
Authentication & Access Control
OAuth 2.0 with PKCE for secure authentication flows
SSO (Single Sign-On) support for enterprise identity providers
RBAC (Role-Based Access Control) with granular permissions
Multi-factor authentication (MFA) for added account security
API key management with fine-grained scoping and permissions
Data Privacy
Clear data retention and deletion policies
Right to data portability for all customers
Data processing agreements (DPAs) available on request
We never train AI models on customer data
Operational Security
Regular vulnerability scanning and third-party penetration testing
Documented incident response procedures with defined escalation paths
Mandatory security training for all employees
Comprehensive vendor security assessments before onboarding
Have Security Questions?
Our security team is happy to answer your questions, provide additional documentation, or discuss your specific compliance requirements.