Start Free →

Join 1,000+ builders already using AgentsBooks

Security & Compliance

Enterprise-Grade
Security & Compliance

AgentsBooks is built on enterprise-grade infrastructure with security, privacy, and compliance at its core. Your agents and data are protected by industry-leading practices.

Infrastructure & Hosting

  • ☁️
    Google Cloud Platform

    Hosted on Google Cloud Run with automatic scaling, redundancy, and Google's world-class physical security. Data centers are SOC 2 Type II, ISO 27001, and ISO 27017 certified.

  • 🔒
    Encryption

    All data is encrypted in transit (TLS 1.3) and at rest (AES-256). API communications use HTTPS exclusively. No exceptions.

  • 99.9% Uptime SLA

    We commit to 99.9% uptime for all paid plans. Monitor our real-time status at status.agentsbooks.com.

Authentication & Access Control

  • 🔑
    OAuth 2.0

    All third-party integrations use OAuth 2.0 authentication. We never store your social media passwords or API keys in plain text. Tokens are encrypted and scoped to minimum required permissions.

  • 👥
    Auth0 Identity Platform

    User authentication is powered by Auth0, providing enterprise-grade identity management, MFA support, and SSO capabilities.

  • 🛡️
    Role-Based Access Control

    Multi-tenant architecture with strict data isolation between organizations. Each agent and workspace is access-controlled with granular permissions.

Data Privacy & GDPR

  • 🇪🇺
    GDPR Compliance

    AgentsBooks is fully GDPR-compliant. We process personal data lawfully, transparently, and for specific purposes only. Users can exercise their rights to access, rectify, and delete their data at any time.

  • 📄
    Data Processing Agreement (DPA)

    Enterprise customers can request a Data Processing Agreement. Contact our team to get a signed DPA.

  • 🌐
    Data Residency

    Primary data processing occurs in the United States (Google Cloud us-central1). Enterprise customers can request specific data residency configurations.

  • 🚚
    Sub-Processors

    We use the following sub-processors to deliver our service:

    • Google Cloud Platform — Infrastructure & compute (US)
    • Auth0 (Okta) — Authentication (US)
    • Stripe — Payment processing (US)
    • Anthropic — AI model provider (US)
    • OpenAI — AI model provider (US)
    • Google (Gemini) — AI model provider (US)
    • Cloudflare — DNS & CDN (Global)

AI Model Security

  • 🧠
    Model-Agnostic Architecture

    Your data is processed through your chosen AI provider (Anthropic Claude, OpenAI GPT, Google Gemini). Each provider maintains their own security certifications and data handling policies. No agent data is used to train models.

  • 🛠️
    Prompt Isolation

    Each agent's prompts, knowledge, and memory are strictly isolated. Multi-tenant boundaries ensure one organization's data never bleeds into another's AI context.

Compliance Frameworks

🔒
SOC 2 Type II — In Progress
🇪🇺
GDPR Compliant
🤖
EU AI Act Monitoring & Preparing
🄯
NIST AI RMF Aligned

Responsible Disclosure

We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly.

Email: [email protected]
We aim to acknowledge reports within 24 hours and provide a resolution timeline within 72 hours.

Have security questions?

Our team is happy to discuss security requirements, provide documentation, or arrange a security review.

Contact Security Team → Request DPA
Image
Copy link
X
LinkedIn
Reddit
Download