Security & Privacy

Machine is built with a security-first approach, ensuring your data, conversations, and activities remain protected at all times.

Data Protection

Encryption

Data in Transit

All communication between your devices and Machine uses TLS 1.3 encryption, ensuring that your data is secure as it travels across the internet.

Data at Rest

Your stored data is encrypted using AES-256, protecting it from unauthorized access even in the unlikely event of a breach.

End-to-End Encryption

Sensitive operations and files can be end-to-end encrypted, meaning only you can access the unencrypted data.

Key Management

We use industry-standard key management services to securely store and rotate encryption keys.

Access Controls

  • Role-Based Access: Only authorized personnel have access to systems containing user data
  • Least Privilege Principle: Personnel are granted only the minimum permissions necessary
  • Multi-Factor Authentication: Required for all internal systems
  • Access Logging: All access to user data is logged and audited

Privacy Guarantees

Data Usage

Machine only uses your data for the following purposes:

  1. Providing our services: Processing your requests and performing tasks you explicitly ask for
  2. Improving our services: Learning from interactions to improve response quality
  3. Security and fraud prevention: Detecting and preventing fraudulent activity and security threats

Data Sharing

We do not sell or rent your personal information. We only share your information in the following limited circumstances:

  • With your explicit consent
  • To comply with legal obligations
  • With service providers who help us deliver our services (under strict confidentiality agreements)

Data Retention

  • Active Conversations: Retained to provide context for ongoing interactions
  • Completed Tasks: Retained for 30 days by default, or based on your configured retention policy
  • Account Information: Maintained as long as you have an active account
  • Data Deletion: You can request deletion of your data at any time through your account settings

Security Measures

Infrastructure Security

  • Cloud Security: We leverage enterprise-grade cloud infrastructure with built-in security features
  • Network Isolation: Critical systems are isolated from public networks
  • DDoS Protection: Advanced systems to prevent denial-of-service attacks
  • Vulnerability Management: Regular scanning and timely patching of vulnerabilities

Application Security

  • Secure Development: We follow secure coding practices throughout our development lifecycle
  • Regular Audits: Our codebase undergoes regular security audits and penetration testing
  • Dependency Scanning: We scan for and update vulnerable dependencies
  • Bug Bounty Program: We work with security researchers to identify and fix security issues

Operational Security

  • Security Monitoring: 24/7 monitoring for suspicious activities
  • Incident Response: Defined procedures to quickly address security incidents
  • Regular Drills: Our team conducts regular security incident response drills
  • Vendor Assessment: All third-party vendors undergo security assessment

Compliance

Machine is designed to help you maintain compliance with various regulations and standards:

  • GDPR: Compliant with the European Union’s General Data Protection Regulation
  • CCPA: Compliant with the California Consumer Privacy Act
  • SOC 2: We maintain SOC 2 Type II certification
  • HIPAA: Available on Enterprise plans for customers who require HIPAA compliance

Reporting Security Issues

If you discover a security vulnerability, please report it to rcohen@mytsi.org. We appreciate your help in keeping Machine secure and will respond promptly to your report.

Privacy Controls

Machine gives you control over your privacy:

For more detailed information about our privacy practices, please refer to our Privacy Policy.