Trust & Security

Ambria is committed to maintaining the highest standards of security, compliance, and data privacy for our customers.

SOC 2 Type II
About AmbriaPrivacy Policy

Enterprise-grade security

SOC 2 compliance

SOC 2 Type II compliant (in continuous monitoring for second observation period)

Enterprise-grade security

Annual third-party penetration testing with independently verified security controls

Data encryption

Encrypts all data (TLS 1.2+ in transit, AES-256 at rest)

AI data privacy

Does not train AI models on customer data

Data deletion

Deletes employee/customer data on request (within 72 business hours)

Access controls

Role-based access controls (RBAC) with audit logging

CCPA compliance

CCPA-aligned with employee data rights

Vendor security

Sub-processors undergo security due diligence

Incident response

Incident response protocols with 72-hour response commitment

Employee notifications

Employee notification templates for CCPA compliance available

Data isolation

Privacy policy

Featured Documents

Ambria SOC 2 Type II Report
Ambria – AI Security & Compliance Overview
Ambria Security Roadmap
Data Classification Policy
Risk Assessment and Treatment Policy
Incident Response Policy
Information Security Policy
Business Continuity and Disaster Recovery
Ambria Data Flow Diagram

FAQ

Find answers to common questions about how we protect your data and maintain compliance.