Trust Center
Security & Trust Statement
Allorc's current security posture, operational controls, and trust commitments.
Security & Trust Statement
This statement describes Allorc's current security posture, trust commitments, and present limitations.
Current security approach
We aim to protect customer data and system integrity using administrative, technical, and organizational measures appropriate for an evolving software platform.
Current measures may include:
- encrypted transport using HTTPS/TLS;
- access controls intended to limit production access to authorized personnel;
- least-privilege principles for internal systems where practical;
- environment separation and configuration management;
- logging and monitoring to identify operational and security issues;
- credential handling practices intended to reduce unauthorized exposure.
Security is shared
Security is a shared responsibility. Users and customers are responsible for:
- maintaining account security;
- choosing appropriate permissions and connected integrations;
- reviewing workflow behavior and autonomous actions;
- protecting sensitive credentials, tokens, and downstream systems.
Incident response
If we become aware of a confirmed security incident affecting customer data, we will respond in a manner we consider commercially reasonable under the circumstances and provide notice where required by law or contract.
Current limitations
We are transparent that Allorc is still maturing.
At the time of this version:
- we do not publicly claim SOC 2, ISO 27001, or similar certification unless expressly stated elsewhere;
- we do not claim that the service is suitable for zero-risk or life-critical workloads;
- third-party services and model providers may introduce dependencies outside our direct control.
Data handling posture
We seek to limit unnecessary data exposure and to use customer data primarily to provide, secure, maintain, and improve the service.
Additional information appears in the Privacy Policy and Data Retention & Deletion Policy.
Trust commitments
We aim to:
- communicate product capabilities honestly;
- avoid overstating the maturity or certainty of AI features;
- design for appropriate user control and oversight;
- improve our controls as the product and customer base mature.
Security contact
If you believe you have identified a security issue, contact samclastine.jesumuthu@allorc.com with relevant details.