Trust Center

Security & Trust Statement

Allorc's current security posture, operational controls, and trust commitments.

Version 2026-07Effective 2026-07-15

Security & Trust Statement

This statement describes Allorc's current security posture, trust commitments, and present limitations.

Current security approach

We aim to protect customer data and system integrity using administrative, technical, and organizational measures appropriate for an evolving software platform.

Current measures may include:

  • encrypted transport using HTTPS/TLS;
  • access controls intended to limit production access to authorized personnel;
  • least-privilege principles for internal systems where practical;
  • environment separation and configuration management;
  • logging and monitoring to identify operational and security issues;
  • credential handling practices intended to reduce unauthorized exposure.

Security is shared

Security is a shared responsibility. Users and customers are responsible for:

  • maintaining account security;
  • choosing appropriate permissions and connected integrations;
  • reviewing workflow behavior and autonomous actions;
  • protecting sensitive credentials, tokens, and downstream systems.

Incident response

If we become aware of a confirmed security incident affecting customer data, we will respond in a manner we consider commercially reasonable under the circumstances and provide notice where required by law or contract.

Current limitations

We are transparent that Allorc is still maturing.

At the time of this version:

  • we do not publicly claim SOC 2, ISO 27001, or similar certification unless expressly stated elsewhere;
  • we do not claim that the service is suitable for zero-risk or life-critical workloads;
  • third-party services and model providers may introduce dependencies outside our direct control.

Data handling posture

We seek to limit unnecessary data exposure and to use customer data primarily to provide, secure, maintain, and improve the service.

Additional information appears in the Privacy Policy and Data Retention & Deletion Policy.

Trust commitments

We aim to:

  • communicate product capabilities honestly;
  • avoid overstating the maturity or certainty of AI features;
  • design for appropriate user control and oversight;
  • improve our controls as the product and customer base mature.

Security contact

If you believe you have identified a security issue, contact samclastine.jesumuthu@allorc.com with relevant details.