Trust

Claims with dates,nothing more.

Compliance, audits, and security posture. Honest dates. We claim only what we have completed. Anything else is on the roadmap with no date until there's a date.

Read the Security Details Read the Privacy Policy

Compliance

Compliance, as it stands today.

Every line below carries its real status. When a status changes, this table changes. Not before.

Item	Status	Note
SOC 2 Type II	Planned	No audit report claimed. Evidence collection is part of the Cloud release path.
GDPR	In progress	Privacy controls, export, deletion, and subprocessors are being prepared for legal review.
CCPA	In progress	User data export and deletion paths must be verified before broad Cloud launch.
HIPAA	Not available	AGI is not a medical device and does not offer HIPAA-covered workflows today.
ISO 27001	On the roadmap	No date claimed. Will list date once we commit.

Security posture

How the product is held together.

Key storage	Local and BYOK secrets are designed for masked display, local secure storage, and explicit provider labeling.
Tool execution	File, shell, browser, and external actions use explicit approval and sandbox paths where available.
Auth	Managed Cloud auth uses server-side route checks and secure cookie settings where enabled.
Database	Cloud data is scoped by authenticated user in server routes and database policies before broad release.
Transit	HTTPS in transit on deployed surfaces.
Code signing	Desktop installers are launch-gated and will be published through verified GitHub release assets or configured signed-asset URLs. Windows public release remains aligned to July 12, 2026.
Privacy	Website users can try AGI managed Auto Economy with a small free cap. Local and BYOK are supported on desktop and developer surfaces. Higher hosted cloud is invite-only.

More detail

Go deeper on any of it.

Read the Security Details Read the Privacy Policy See the Subprocessors

Compliance, as it stands today.

Every line below carries its real status. When a status changes, this table changes. Not before.

Item

Status

Note

SOC 2 Type II

Planned

No audit report claimed. Evidence collection is part of the Cloud release path.

GDPR

In progress

Privacy controls, export, deletion, and subprocessors are being prepared for legal review.

CCPA

In progress

User data export and deletion paths must be verified before broad Cloud launch.

HIPAA

Not available

AGI is not a medical device and does not offer HIPAA-covered workflows today.

ISO 27001

On the roadmap

No date claimed. Will list date once we commit.

How the product is held together.

Key storage

Local and BYOK secrets are designed for masked display, local secure storage, and explicit provider labeling.

Tool execution

File, shell, browser, and external actions use explicit approval and sandbox paths where available.

Auth

Managed Cloud auth uses server-side route checks and secure cookie settings where enabled.

Database

Cloud data is scoped by authenticated user in server routes and database policies before broad release.

Transit

HTTPS in transit on deployed surfaces.

Code signing

Desktop installers are launch-gated and will be published through verified GitHub release assets or configured signed-asset URLs. Windows public release remains aligned to July 12, 2026.

Privacy

Website users can try AGI managed Auto Economy with a small free cap. Local and BYOK are supported on desktop and developer surfaces. Higher hosted cloud is invite-only.