Your data security is our priority
Inbox SuperPilot is built with security-first principles. We protect your emails, documents, and knowledge base with industry-leading security practices.
Encryption Everywhere
All data is encrypted in transit (TLS 1.3) and at rest (AES-128 via Fernet). OAuth tokens and credentials are never stored unencrypted.
Isolated Data Storage
Each user's knowledge base is stored in isolated environments. There's no cross-user data access, ever.
No Model Training
Your data is never used to train AI models. We use commercial AI APIs that do not retain inputs for training.
Minimal Data Retention
Email content is processed in real-time and temporarily cached for up to one hour. We store only derived metadata, not your raw emails.
SOC 2 Type II
Our infrastructure is built on AWS with enterprise security controls. SOC 2 Type II certification is on our roadmap.
Access Controls
Role-based access control, SSO/SAML support for teams, and audit logs for enterprise compliance.
Compliance & Certifications
| Certification | Status |
|---|---|
| SOC 2 Type II | Planned |
| GDPR Compliant | Compliant |
| CCPA Compliant | Compliant |
Infrastructure & Technology
How Your Data Flows
You connect your knowledge base
Documents from Google Drive, Notion, or file uploads are securely transferred using OAuth 2.0 and encrypted connections.
Content is processed and indexed
Documents are chunked, embedded, and stored in your isolated vector database. Original files are not retained.
Email context is analyzed
When you request a draft, email content is sent to our AI providers for real-time inference. Content is temporarily cached for up to one hour, then discarded.
Draft is generated and delivered
The AI-generated reply is sent directly to your browser. Draft metadata is stored for your history; raw email content is not persisted.
Contact our security team at security@inboxsuperpilot.com
For vulnerability reports, please use responsible disclosure.