Security at Audity

Your clients trust you with their most sensitive data

Q: Can I get a DPA for my security review?

Yes. Email jeremy@racprojects.ai with what you need and we’ll get a Data Processing Addendum to you.

Q: I found a security issue. Who do I tell?

Email jeremy@racprojects.ai and we’ll get back to you within one business day.

We built Audity to protect it with the same care you do — enterprise-grade encryption, strict access controls, and complete data isolation, on infrastructure that’s already SOC 2 certified.

SOC 2 Type II infrastructurePCI DSS Level 1 payments256-bit AES at restTLS encrypted in transitTenant data isolationGDPR aligned

Infrastructure

Audity is built on infrastructure that already meets the bar your clients ask about. Our partners for hosting, our database, and payments are SOC 2 Type II or PCI DSS certified and independently audited every year.

Encryption

Your data is encrypted in transit and at rest, every step of the way. We never touch credit card numbers — payments run entirely through a PCI DSS Level 1 certified processor.

Authentication

Sign-in runs on a certified identity provider with multi-factor authentication available to everyone. Access is role-based, so people only see what they should.

File security

Every document you upload is checked, encrypted, and tied to your account. One client can never see another client’s files.

Privacy

We collect only what we need to run your discoveries, and we never sell your data. It’s yours — export it or delete it whenever you want.

AI processing

Your data is never used to train AI models. The providers we use commit to the same, by default, under their enterprise terms.

Your data, your control

You stay in charge of your data and your clients’ data, start to finish.

You own your data

Everything you put into Audity stays yours. Export it any time.

We’re the processor, not the owner

You decide how your data is used. Audity just runs the work for you.

Client confidentiality

Every client’s information is walled off from every other account.

DPA on request

Need a Data Processing Addendum for procurement? Email us and we’ll set it up.

How we handle AI

AI runs your discoveries — it never gets to keep or learn from your data.

No model training

Your data is never used to train AI models — ours or anyone else’s.

No data sharing

Prompts go only to the provider needed to produce your result, nowhere else.

Deleted when you’re done

Providers process under enterprise terms with training turned off by default.

Questions, answered

How is your platform SOC 2 covered?

Audity is built on SOC 2 Type II infrastructure. The partners that host and process your data are SOC 2 Type II or PCI DSS certified and independently audited every year, so your clients’ data sits on systems that already meet that bar.

Where does my data live?

In secure, US-based cloud infrastructure, with each customer’s data isolated from every other account.

Do you train AI on my data?

No. Audity never trains models on your data, and the AI providers we use commit to the same by default.

Can I get a DPA for my security review?

Yes. Email [email protected] with what you need and we’ll get a Data Processing Addendum to you.

I found a security issue. Who do I tell?

Email [email protected] and we’ll get back to you within one business day.

Need the full detail for a security review? It’s all on the compliance page.

Questions about security?

We’re happy to walk through our security practices, share a questionnaire, or set up a DPA for your review.

[email protected]