Security
Boring, on purpose.
A short, honest list of how we look after your customers' verbatims.
SOC 2 Type II
Audited annually by a Big-Four equivalent. Report available on request under NDA.
GDPR & Australian Privacy Principles
DPAs signed by default. EU and AU data residency on Growth and above.
SSO
SAML 2.0 and Google / Okta OIDC on Growth and above.
Encryption
TLS 1.3 in transit. AES-256 at rest. Per-tenant key envelopes for verbatims.
Backups
Hourly, retained for 30 days. Cross-region replication on Scale.
Access
2FA required for staff. Audit log of every admin action, exportable as CSV.
Disclosure
Found something?
Write to security@pulzi.net. We respond within one business day and credit researchers in our hall of fame (and cash) for anything medium severity and up.
Need the full security packet? We have one.
SIG Lite, pen-test summaries, DPA, subprocessors. Signed NDA gets you the bundle.