Security and privacy at Sligo.ai
Security and privacy aren’t add-ons — they’re core to our platform.
From certifications to compliance, Sligo ensures your data stays safe and sovereign.
Sligo meets the AICPA SOC requirements for customer data management.
We fully comply with the EU GDPR to safeguard personal data and privacy.
Sligo meets the international standard for information management security.
Sligo adheres to HIPAA requirements, ensuring protection for healthcare data.
We make it easy to understand how Sligo AI operates — from platform agreements to model transparency and vendor relationships.
Security assessments
Our latest audit reports and penetration test results.
Platform agreements
Our terms and policies, made clear and accessible.
Sub-processors
Our trusted partners who support our platform operations.
FAQs
Answers to common questions on security, privacy, and compliance.
Your data stays secure in motion, at rest, and in use – with encryption and controls built into the platform.
Data at rest
All customer data, including S3 buckets, is encrypted with field-level protections. Encryption applies before data ever hits the database, preventing access to sensitive information.
Data in transit
All data in motion uses TLS 1.2+ with features like HSTS for maximum security. TLS keys and certificates are managed by AWS and deployed via load balancers.
Secret management
Encryption keys are stored in AWS KMS and secured in HSMs, preventing direct access by individuals. Application secrets are encrypted with AWS Secrets Manager and tightly controlled.
We design our platform with privacy as a core principle, giving customers control over their data and exceeding compliance standards.
Privacy shield
Every feature is built with GDPR and global privacy frameworks in mind.
Regulatory compliance
You own your data, with clear options for access, retention, and deletion.
Privacy policy, DPA, and ISA
Built to align with major regulations and industry requirements worldwide.