Security Policy

We take the security of customer data very seriously. If you have additional questions regarding security, we are happy to answer them. Please write to security@promptarmor.com and we will respond as quickly as we can. The Security Practices page describes the administrative, technical and physical controls applicable to PromptArmor.

Hosting and Architecture

PromptArmor is available as an API. PromptArmor uses a combination of infrastructure tools, all of which are SOC2 Compliant.

Storage of Customer Data

By default, PromptArmor does not store any customer queries except for detections. If you would like to opt out of data storage of detections, please email api@promptarmor.com. By default, PromptArmor will store all detections of malicious input indefinitely.

Confidentiality and Security Controls Confidentiality

PromptArmor places strict controls over its employees' access to Customer Data. The operation of the PromptArmor requires that some employees have access to the systems which store or process this information and data. For example, in order to diagnose a problem the customer are having with the PromptArmor services, we may need to access the customer's account. These employees are prohibited from using these permissions to view Customer Data unless it is necessary to do so. We have technical controls and audit policies in place to ensure that any access to the customer account is logged. All of our employees are bound to our policies regarding confidentiality and we treat these issues as matters of the highest importance within our company.