1. Security Principles

  • Ephemeral Access: one-time, expiring tokens for recall; no “forever links.”
  • Defense in Depth: TLS in transit, AES-256 at rest, token gating, monitoring.
  • Data Minimization: only phone, email, PIN + memory content as needed.
  • User Control: export & deletion pathways; customers own their data.

2. Architecture Controls

  • Transport Security: TLS 1.2+ everywhere; HSTS; signed recall links.
  • Storage Security: AES-256 at rest (DB, object storage, FAISS indexes).
  • Tokenized Recall: single-use tokens; short TTL; immediate invalidation on use.
  • Identity: phone + email + PIN; admin MFA; SSO/SCIM (roadmap).

For a full architecture walkthrough (SMS/voice capture → transcription → tagging/embeddings → hybrid recall), see the Security White Paper (PDF).
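As an added illustration of the Tokenized Recall control described above (example code, not Trakxa's own implementation): an HMAC-signed recall token carrying a random id and an expiry, verified before any claim is trusted, and invalidated on first successful use. The signing key, the TTL and the in-memory store of outstanding tokens are assumptions.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time


def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class RecallTokenService:
    """Signed, single-use, expiring recall tokens (hypothetical illustration)."""

    def __init__(self, signing_key: bytes, ttl_seconds: int = 300):
        self.key = signing_key          # assumed server-side HMAC key
        self.ttl = ttl_seconds          # short TTL for recall links
        self.outstanding = {}           # jti -> expiry; removed on first use

    def issue(self, memory_id: str, now=None) -> str:
        now = time.time() if now is None else now
        claims = {"jti": secrets.token_urlsafe(16), "mem": memory_id,
                  "exp": int(now + self.ttl)}
        body = _b64e(json.dumps(claims, separators=(",", ":")).encode())
        sig = hmac.new(self.key, body.encode(), hashlib.sha256).digest()
        self.outstanding[claims["jti"]] = claims["exp"]
        return f"{body}.{_b64e(sig)}"

    def redeem(self, token: str, now=None):
        """Return (status, memory_id); only status 'ok' releases the memory."""
        now = time.time() if now is None else now
        body, _, sig = token.partition(".")
        expected = hmac.new(self.key, body.encode(), hashlib.sha256).digest()
        # Check the MAC before trusting any claim; constant-time comparison.
        if not sig or not hmac.compare_digest(_b64d(sig), expected):
            return "bad_signature", None
        claims = json.loads(_b64d(body))
        if now >= claims["exp"]:
            self.outstanding.pop(claims["jti"], None)
            return "expired", None
        # Single use: pop so a second presentation finds no outstanding entry.
        if self.outstanding.pop(claims["jti"], None) is None:
            return "already_used", None
        return "ok", claims["mem"]
```

In a deployment the `outstanding` dict would be a shared store with an atomic delete, so that two concurrent presentations of the same link cannot both succeed.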

3. Operational Security

  • Access control: role-based access, least privilege.
  • Monitoring: centralized logs; anomaly detection.
  • Backups: encrypted backups; periodic restore tests.
  • Vuln management: dependency scanning; patch SLAs; external pen tests post-seed.
  • Change management: CI/CD, code review, automated testing.

4. Privacy & Data Handling

We act as Processor for enterprise deployments (Customer = Controller). See our Privacy Policy and Data Processing Addendum for roles, rights, and data return/deletion commitments.

5. Compliance Roadmap

  • Now: best-practice controls; patent pending.
  • Seed: SOC 2 Type I; GDPR readiness; HIPAA BAA (pilots).
  • Series A: SOC 2 Type II; ISO 27001; (optionally) FedRAMP Moderate.

Our detailed control mappings and evidence expectations are outlined in the full PDF.

6. Security Contact

Report a vulnerability or ask a question: security@trakxa.com. We aim to acknowledge reports within 72 hours.