We built SaneCite to answer security questionnaires honestly — so here are ours, answered the same way: what's true is stated plainly, and what isn't yet (like a finished SOC 2 report) is flagged, not dressed up.
Is customer data encrypted at rest?
Yes — AES-256, on Cloudflare's storage (D1/R2).
Is data encrypted in transit?
Yes — TLS 1.2+ everywhere.
How are encryption keys managed?
Managed by Cloudflare's platform key management. Customer-managed keys (BYOK) are an Enterprise option, not a default — we don't claim it where it isn't true.
Do you use customer data to train AI models?
No. Never. Your documents are not used to train any model; the model only ever sees the short excerpts selected for a single question.
Is the environment single- or multi-tenant?
Logically single-tenant: every record and query is scoped to the account, and cross-tenant access is structurally impossible (we test for it).
How long is data retained, and can it be deleted?
You set retention. You can delete everything with one click and receive a signed deletion receipt. Export anytime.
Where is data hosted / data residency?
Cloudflare's global network. Region/jurisdiction control is available on Enterprise.
How do users authenticate?
Passwordless magic-link — no passwords are stored. Sessions are HttpOnly, Secure, SameSite, and expire.
Is MFA enforced internally?
MFA is enforced on our admin systems (Cloudflare, GitHub, email, billing).
How is access reviewed?
Least-privilege; access is reviewed and revoked on offboarding. Documented as part of our SOC 2 Type I work.
Do you have SOC 2?
SOC 2 Type I is in progress; Type II will follow the observation window. We will never claim a report we don't hold.
Do you have a penetration test?
Scheduled as part of the SOC 2 program; report available once complete.
What is your breach notification commitment?
We notify affected customers of a confirmed breach involving their data without undue delay.
Who are your subprocessors?
Cloudflare (hosting, compute, storage, AI inference) and Resend (sign-in email). We notify before adding a new one.
Is change management controlled?
Yes — every change ships through git + CI, with a full deploy history.
Do you guard against prompt injection in uploaded documents?
Yes — uploaded documents are treated as untrusted data, and every “supported” answer is independently verified before it's shown.
Need this as a formal CAIQ/SIG or a signed DPA? Email hi@saneapps.com · Security · Privacy