Traject AITraject AI
Trust · Security · Compliance

Engineered with
enterprise-grade security
from day one.

Every inbound webhook is HMAC-verified. Every PII field is encrypted. Every LLM turn is screened by Model Armor — in both directions. No plaintext phone numbers live in our database. This page is a full accounting of what we do today and what we are building toward.

Request signed DPAEmail security team

Today · Shipping

Controls we run in production.

Encryption

  • AES-256-GCM on sensitive fields (phones, names, OAuth tokens)
  • Platform-level AES-256 on every Firestore document and Cloud Storage object
  • TLS 1.3 enforced on every public endpoint
  • HSTS header: max-age 2 years, includeSubDomains, preload

Identity & access

  • Firebase Authentication with Google SSO
  • Mandatory tenantId filter on every Firestore query
  • Service accounts follow least-privilege IAM
  • Secrets stored in Google Secret Manager, mounted at runtime, never in source

Inbound integrity

  • HMAC-SHA256 verification on every WhatsApp webhook
  • Per-IP, per-session, and per-tenant rate limits
  • reCAPTCHA v3 on public forms (demo, contact, signup)
  • Cloud Armor DDoS + WAF + bot-detection on ingress

AI safety

  • Google Model Armor screens every inbound message
  • Google Model Armor screens every outbound AI reply
  • Prompt-injection + PII leakage detection on both directions
  • Per-turn audit log (13-month retention) for forensic review

PII protection

  • End-customer phone numbers stored as ciphertext + HMAC hash
  • No plaintext phone numbers live in the database
  • Masked previews for UI display (e.g. +91 •••• 1234)
  • Field-level encryption on names; query via hashed lookups only

Spend safety

  • Per-tenant spend counter updated after every LLM call and voice minute
  • Spend gate middleware blocks further LLM calls at the cap
  • Email alerts at 50% / 80% / 100% of monthly cap
  • Pre-voice check — voice call rejected if tenant at cap

How data flows

Every step is checked. Twice.

01

Inbound

Customer message arrives over TLS 1.3. WhatsApp webhooks verified with HMAC-SHA256. Rate limits applied at the edge. Model Armor screens for prompt injection and harmful content.

02

Processing

Request routed to a Cloud Run worker. Every Firestore query carries a mandatory tenantId filter. PII is encrypted before storage. LLM calls run on Vertex AI (now Gemini Enterprise Agent Platform) in us-central1.

03

Outbound

AI reply screened by Model Armor on the way out. Spend-cap gate checked before billing the call. Every turn logged to immutable turnLogs with model chain, latency, and token counts.

04

Storage

Firestore + Cloud Storage with platform-level AES-256. Sensitive fields additionally encrypted with AES-256-GCM per tenant. ADK session memory auto-purged after 48 hours of inactivity.

Data residency

Where your data lives.

Production today runs in Google Cloud us-central1. Transfers out of the EEA, UK, or Switzerland are protected by the Standard Contractual Clauses and Google's DPF commitments — incorporated by reference in our DPA.

Customers with regulatory residency requirements can request a dedicated deployment in the EU, India, or UAE on our Enterprise tier.

United Statesus-central1

Production

All Cloud Run, Firestore, Cloud Storage, Secret Manager, and Vertex AI calls run from us-central1 today.

European Unioneurope-west1

Enterprise on request

Dedicated deployment available for EU-resident customers on the Enterprise tier.

Indiaasia-south1

Enterprise on request

Dedicated deployment available for India-resident customers on the Enterprise tier.

UAEme-central1

Enterprise on request

Dedicated deployment available for UAE-resident customers on the Enterprise tier.

Compliance

Where we stand. Honestly.

We ship what we have. Nothing on this page is aspirational hand-waving — if it says "ready", it's live in production. If it's on the roadmap, we've published the quarter it lands.

FrameworkStatusDetail
GDPR / UK GDPRReadyArticle 28 DPA available · SCCs incorporated · DSAR support
India DPDP Act 2023ReadyConsent + notice + rights model implemented · DPBI cooperation
UAE PDPLReadyData residency option in me-central1 (Enterprise)
CCPA / CPRAReadyNo sale or sharing of PI · Right-to-know + delete implemented
WhatsApp Business PolicyCompliantRegistered Meta Tech Provider · Gupshup BSP partner
SOC 2 Type IIOn roadmapEvidence collection begins Q3 2026 · Target audit completion Q1 2027
ISO 27001On roadmapGap analysis scheduled post-SOC 2
HIPAA (US healthcare)Not supportedSeparate BAA would be required; not offered today

12-month roadmap

What's landing, and when.

Public roadmap. Updated quarterly. We publish what we're building so enterprise buyers and accelerator reviewers can judge us on the path, not just the snapshot.

  1. Now

    Shipped
    • Cloud Armor WAF + DDoS
    • reCAPTCHA v3 on public forms
    • Per-tenant spend caps
    • Dependabot on all repos
    • Immutable audit log (turnLogs)

  2. Q2 2026

    • Secret rotation automation
    • Per-tenant encryption keys (CMEK-ready)
    • Request-signing on frontend→backend API

  3. Q3 2026

    • SOC 2 Type II evidence collection begins
    • Regional deployments (EU, IN, UAE) for Enterprise
    • Bug bounty programme (HackerOne)

  4. Q4 2026

    • External penetration test
    • VPC Service Controls for Enterprise tenants
    • Customer-Managed Encryption Keys (CMEK)

  5. Q1 2027

    • SOC 2 Type II audit completion
    • ISO 27001 gap analysis
    • 99.95% SLA tier generally available

Dig deeper

Every document, one click away.

Privacy Policy

What data we collect and how we protect it

Terms of Service

The agreement you accept when you sign up

Data Processing Addendum

Article 28 GDPR DPA · signing-ready PDF on request

Report a vulnerability

Email with "SECURITY" in subject · 48-hour ack target

Status page

Live uptime and incident history