Compliance - MythicDot.AI

Certifications & Standards

🔒

SOC 2 Type II

Certified

Independently audited security controls for data protection, availability, and confidentiality.

🏥

HIPAA

Compliant

BAA available for healthcare organizations handling protected health information (PHI).

🇪🇺

GDPR

Compliant

Full compliance with EU data protection regulations, DPA available on request.

🔐

ISO 27001

Certified

Information security management system certified to international standards.

🇨🇦

PIPEDA

Compliant

Compliance with Canadian privacy legislation for personal information protection.

🏛️

FedRAMP

In Progress

Federal authorization in progress for US government cloud deployments.

Data Security

🔐 Encryption at Rest

All data is encrypted using AES-256 encryption. Encryption keys are managed via a dedicated key management service with automatic rotation.

🔒 Encryption in Transit

All API connections use TLS 1.3. We enforce HTTPS for all endpoints and support modern cipher suites only.

🌍 Data Residency

Choose where your data is processed and stored. Available regions include US, EU, and Asia-Pacific for compliance with local regulations.

🗑️ Data Deletion

API inputs and outputs are not retained by default. Enterprise customers can configure custom retention policies or zero-retention mode.

Data Flow

Secure API Request Flow

💻

Your App

🔒→

🌐

TLS 1.3

🔒→

🛡️

API Gateway

🔒→

🤖

AI Model

Data Usage Policy

Data Type	Used for Training	Retained	Enterprise Override
API Inputs	✗ No	30 days*	✓ Zero-retention
API Outputs	✗ No	30 days*	✓ Zero-retention
Usage Metrics	✗ No	1 year	✓ Custom
Audit Logs	✗ No	Plan-based	✓ Extended

* Default retention for abuse monitoring. Can be disabled for enterprise customers.

Documentation

📄

Data Processing Agreement

DPA for GDPR compliance

🏥

Business Associate Agreement

BAA for HIPAA compliance

🔒

Security Whitepaper

Technical security overview

👁️

Privacy Policy

How we handle your data

Need Enterprise Compliance?

Contact us for custom compliance requirements, BAAs, DPAs, and security reviews.

Contact Sales → Security Overview

🛡️ Compliance

Certifications & Standards

Data Security

🔐 Encryption at Rest

🔒 Encryption in Transit

🌍 Data Residency

🗑️ Data Deletion

Data Flow

Secure API Request Flow

Data Usage Policy

Documentation

Data Processing Agreement

Business Associate Agreement

Security Whitepaper

Privacy Policy

Need Enterprise Compliance?