Security & Privacy

Your data stays yours

Enterprise security without the enterprise price tag. Your data stays isolated from other customers, protected by 256-bit encryption, and processed by AI that never trains on your information. Designed with SOC 2 and GDPR requirements in mind from day one.

Security-First Architecture

Built with enterprise-grade security controls from the ground up

Privacy by Design

Built with compliance in mind for data protection regulations

256-bit Encryption

All data encrypted at rest and in transit with AES-256

No Model Training

Under AWS Bedrock's service terms, customer data is not used to train foundation models

Security built into everything

From AI processing to data storage, security is never an afterthought

Enterprise AI Infrastructure

Muin uses AWS Bedrock for AI processing, the enterprise AI platform trusted by Fortune 500 companies. Under AWS Bedrock's service terms, customer data is not used to train foundation models.

Full Encryption

All data is encrypted using AES-256 encryption at rest and TLS 1.3 in transit. Field-level encryption (AES-256-GCM) protects sensitive PII, while encrypted storage ensures your data remains secure even if physical access were compromised.

Access Controls

Granular role-based access controls let you define exactly who can see and do what. Audit logs track every action. OAuth 2.0 (Google, Microsoft) sign-in, MFA, bot protection, and automated account lockout. SSO planned for future release.

Infrastructure Security

Enterprise-grade cloud infrastructure with encrypted storage and continuous monitoring. Hosted on AWS with high availability and automated security patching.

Enterprise AI Security

AI that respects your data

Ask any AI vendor three questions: Does my data train your models? How long do you retain my documents? Can you show me your architecture? Most can't answer clearly. We can. Muin uses AWS Bedrock with published data privacy commitments.

What this means for you:

Under AWS Bedrock's service terms, your data is not used to train AI models
No persistent data retention by AI providers after processing — your documents are not stored by AWS Bedrock
Hosted on AWS infrastructure (AWS is certified for SOC 2, HIPAA, and ISO 27001). Muin is designed for SOC 2 compliance; certification planned.

Other AI Platforms

Vague terms, unclear data policies

Muin + AWS Bedrock

Explicit guarantees, full transparency

Data Protection

Your data, isolated and protected

Multiple layers of protection ensure your business data stays secure

Multi-tenant Isolation

Your data is logically separated from other customers at the database level. Strict application-level tenant isolation enforced on every query.

Document Security

Files validated on upload with type and size verification, and stored with AES-256 server-side encryption in secure cloud storage.

Application Security

Built following OWASP best practices: input validation, injection detection, rate limiting, and AI prompt security protect against common and emerging attacks.

Encryption Everywhere

AES-256 at rest, TLS 1.3 in transit. Your data is encrypted whether it's moving or sitting still.

Access Management

Control who sees what

Granular controls and complete visibility over every action

Flexible Authentication

OAuth 2.0 (Google, Microsoft) sign-in, MFA with backup codes, and Cloudflare Turnstile bot protection. Automated account lockout after failed attempts. SSO planned for future release.

Role-based Permissions

Granular controls let you define exactly who can view, edit, or share each resource across your organization.

Complete Audit Trail

Every login, document access, and admin action is logged. Export logs anytime for compliance reviews.

Session Security

Automatic timeouts, secure token management, configurable password policies, and rate limiting protect against unauthorized access.

Compliance made simple

Built-in features to help you meet regulatory requirements

Right to erasure (GDPR)

Data portability

Consent management

Audit log export

Role-based access controls

Encrypted data storage

Configurable password policies

Account lockout protection

Encryption key rotation

Questions about security?

Our security team is happy to discuss your specific requirements, provide documentation, or schedule a security review.

Contact Security Team

Verify our security posture

Our Trust Center provides real-time visibility into our certifications, compliance frameworks, sub-processors, and data residency.

Learn more about our security practices

Visit our Trust Center for detailed information about our security controls, compliance roadmap, and data protection practices.

Visit Trust Center

Ready to get started securely?

Beta starts May 2026. Sign up now for enterprise-grade security from day one.