Security is not an afterthought at SignalClose AI. We implement enterprise-grade security practices to protect your data and your clients' data.
Hosted on Vercel's edge network with automatic SSL, global CDN distribution, and DDoS protection. Our infrastructure scales automatically to handle demand with zero downtime deployments.
PostgreSQL on Supabase with row-level security (RLS) policies ensuring strict data isolation between accounts. Your data is never accessible to other customers.
All data encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. API keys and sensitive credentials are stored using industry-standard secret management.
Role-based access controls (RBAC) with least-privilege principles. Full audit logging of administrative actions. Multi-factor authentication supported for all accounts.
Fully compliant with CAN-SPAM Act, GDPR, CASL (Canada), and Australian Spam Act. Built-in compliance checks on all outreach to ensure your campaigns meet regulatory requirements.
Stripe handles all payment processing — PCI DSS Level 1 compliant, the highest level of certification. We never store credit card numbers, CVVs, or sensitive payment data on our servers.
Your data is never sold to third parties. AI processing uses Anthropic's API with zero data retention — your prospect data is not used to train AI models. We process only publicly available business information.
We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly to security@signalcloseai.com. We aim to acknowledge reports within 24 hours and resolve critical issues within 72 hours.
We're happy to answer any questions about our security practices and provide additional documentation.