Security at Markprompt

Learn how Markprompt handles security.

SOC 2 and GDPR

Markprompt is SOC 2 Type II certified and GDPR compliant. Our SOC 2 and GDPR reports are available on demand to Enterprise customers.

Data Encryption

All customer data is encrypted at rest with AES-256 and in transit via TLS. Sensitive information like chat interactions are encrypted before they are stored in the database.

0-day Retention

Markprompt has a 0-day retention agreement with OpenAI, so no data is stored on OpenAI servers after a request has completed.

Uptime SLAs

Markprompt has a 99.9% server uptime, and quickly communicates in case of downtime or other events impacting the availability of the service.

Vulnerability Management

Markprompt works with industry experts to conduct penetration tests on a regular basis. Markprompt domains are continuously scanned for vulnerabilities.

Incident Response

Data security incidents or breaches receive prioritized attention, undergo comprehensive investigation, and are subjected to a well-defined incident management process to ensure proper handling.

Automated Backups

All customer data is backed up on a daily basis. Backups are persisted for 30 days.

Employee Training

Every employee at Markprompt undergoes annual security awareness training with an external provider.

Frequently asked questions

Is Markprompt SOC 2 Type II certified?

Is Markprompt GDPR compliant?

Is data encrypted?

How is Personally Identifiable Information (PII) handled?

What SSO providers are supported?

How frequently is data backed up?

Do you conduct regular penetration testing?

Does Markprompt use subprocessors?

Where can I report a security issue?