Trust & Safety
Security
How we keep your data, calls, and agents protected at Grezorea.
Encryption
All data is encrypted in transit using TLS 1.2 or higher and at rest using AES-256. Call recordings, transcripts, configuration data, and credentials are protected end to end. Encryption keys are managed using industry-standard key management services with rotation policies.
Access Controls
Role-based permissions, audit logs, and multi-factor authentication ensure only authorised people can view or change your agents and data. Internal access by Grezorea personnel is restricted to named individuals on a need-to-know basis, with every access event logged.
Infrastructure & Availability
Grezorea runs on hardened, monitored cloud infrastructure with redundancy across availability zones and automated backups with point-in-time recovery. Infrastructure is continuously scanned for vulnerabilities, and configuration changes are gated behind peer review and automated policy checks.
Network Security
All production systems are isolated behind private networks with strict ingress and egress rules. Public-facing endpoints are protected by web application firewalls, DDoS mitigation, and rate limiting. Penetration testing is conducted on a regular schedule by independent third parties.
Application Security
Our development lifecycle includes mandatory code review, automated static analysis, dependency vulnerability scanning, and regular security training for all engineers. Critical findings are triaged and remediated within defined SLAs tracked by our security team.
Incident Response
We maintain a documented incident response plan covering detection, containment, investigation, notification, and post-incident review. Monitoring is in place to detect anomalies in real time. Customers will be notified of any incident affecting their data within the timeframe required by applicable law.
Sub-processor Security
Every third-party sub-processor that handles customer data is assessed against our security standards before onboarding and reviewed annually. All are bound by data processing agreements with security and breach notification requirements consistent with our own obligations.
Responsible Disclosure
Found a vulnerability? We welcome reports from the security community. Email support@agents.grezorea.com with details of the issue. Our team will acknowledge receipt within 2 business days and keep you informed throughout the remediation process. We do not pursue legal action against good-faith researchers.
Report a security concern at support@agents.grezorea.com
Related Pages