Security at Aimey

We keep your data safe with simple, proven controls. Below is a quick summary of how we protect you.

Aimey.ai security

At Aimey.ai, security and privacy are built into everything we do. Our platform runs on Microsoft Azure’s enterprise-grade infrastructure, following SOC 2 Type II and GDPR standards.

Data Protection

  • Encryption in Transit: TLS 1.2/1.3 for all web, API, and integration traffic.
  • Encryption at Rest: AES-256 for databases, files, and backups.
  • Key Management: Securely handled with Azure Key Vault and regular rotation.
  • Environment Isolation: Separate Dev, QA, and Production systems.

Access Control

  • Zero-Trust model — every request verified, no default access.
  • RBAC + MFA for all admin and internal accounts.
  • Secure VPN for remote and privileged access.

Compliance & Privacy

  • Privacy-by-Design approach aligned with SOC 2, GDPR and global standards.
  • Data Processing Agreements (DPA) available for enterprise clients.
  • Regular penetration testing and vulnerability scanning.

Network Security

  • Multi-layer firewalls, IDS/IPS, and DoS/DDoS protection.
  • Continuous monitoring and automated alerts for threats.
  • Regular patching and system hardening to close vulnerabilities.

Reliability & Recovery

  • Encrypted, geo-redundant backups tested regularly.
  • Documented disaster-recovery and continuity plans.

People & Training

  • Annual security awareness training for all staff.
  • Background checks and device management for all team members.

Report a Security Issue

  • See something concerning? Email us at security@aimey.ai — we respond promptly and appreciate responsible disclosure.

Compliance status

SOC 2 Type II — Pending

Controls are implemented and being audited by a third party.

GDPR — Compliant

We operate a GDPR program covering data rights, contracts, and vendor oversight.

Your rights (GDPR): You can request access, correction, deletion, export, or object to certain uses. Email security@aimey.ai.

GDPR Compliance: Aimey.ai complies with the General Data Protection Regulation (GDPR) for customers in the EU and UK. Our cloud environment is hosted on Microsoft Azure in the US West region, with data transfers protected under the EU Standard Contractual Clauses (SCCs). All personal data is encrypted in transit and at rest, and managed through Azure Key Vault with strict access controls.
Aimey.ai acts as a data processor, and Microsoft Azure serves as a sub-processor, both operating under GDPR-compliant agreements.
We have appointed an EU/UK Representative to handle GDPR-related inquiries, ensuring transparency and accountability in how we process and protect your data. 

What we protect

  • Your account info, meeting notes, tasks, and files you choose to store or share with Aimey.
  • We don’t sell your personal data.

How we protect it

Encryption

Data is encrypted in transit (TLS) and at rest (AES-256 or cloud equivalent).

Access control

Only the right people have access; MFA is required for all our admins and employees; access is reviewed regularly.

Monitoring

We log admin and data access and watch for unusual activity.

Backups & continuity

Encrypted backups and tested restore procedures keep your data available.

Data retention & deletion

We keep data only as long as needed to provide the service.

On request or contract end, we delete or return your data and confirm completion.

Sub-processors (core)

  • Microsoft Azure (hosting & storage)
  • Microsoft 365 / Entra ID (productivity & identity)

Other vendors are added only after security review and DPAs.

If something goes wrong

We follow a documented Incident Response Plan and will notify you of any breach in line with legal and contractual timelines.

Responsible disclosure

Found a vulnerability? Please email security@aimey.ai with details. We’ll review and respond.