Certified by leading third-party cybersecurity auditors. Personal AI is certified in security, availability, processing integrity, confidentiality, and privacy.
On track to be GDPR and HIPAA compliant by Q3 2024.
Data is encrypted both in transit over public networks and at rest in our databases. Personal AI uses TLS 1.3 everywhere data is transmitted and AES-256 encryption anywhere data is stored.
Databases are built with multi-layer security, including two-factor authentication, intrusion detection systems, and a VPC with strict firewall settings.
Annual network and gray-box application penetration tests are performed by a certified third-party cybersecurity firm.
Code vulnerabilities are identified in real time and remediated in order of priority. Personal AI performs SAST, DAST, dependency, and secret scanning for all code repositories.
Integrated SaaS services are authorized securely with OAuth2, and credentials are not stored for those services. Personal AI partners and vendors are vetted with the same level of rigor for security and privacy.
Audits are carried out quarterly on access control, risk, information security, IT infrastructure, and HR procedures.
Data is backed up regularly, with a maximum 24-hour RTO and RPO. Personal AI backups are retained for 30 days and are globally replicated for resiliency against regional disasters.