Skip to content

Security

Last updated: 2/6/2026

Security Overview

At FluxLens AI, security is fundamental to our platform. We implement industry-standard security measures to protect your data and ensure the integrity of our Service.

Data Protection

Metadata-Only Processing

FluxLens AI processes only coordination metadata—timestamps, user IDs, channel names, issue statuses. We do not access or store:

  • Message content or body text
  • File contents or attachments
  • Private or direct message content
  • Code repositories or source code

Encryption

  • In Transit: All data is encrypted using TLS 1.3 during transmission
  • At Rest: Sensitive data is encrypted using AES-256 encryption
  • Database: All stored data is encrypted at rest

Access Controls

Authentication: Multi-factor authentication (MFA) is available for all accounts. We use industry-standard OAuth 2.0 and JWT tokens for session management.

Authorization: Role-based access control (RBAC) ensures users only access data they're authorized to view. Organization-level data isolation is enforced.

API Security: All API endpoints require authentication. Rate limiting and request validation prevent abuse.

Compliance & Certifications

SOC 2 Type II: Enterprise customers receive SOC 2 Type II compliance certification. Our security controls are regularly audited by independent third parties.

GDPR: We comply with the General Data Protection Regulation (GDPR) for European users.

CCPA: We comply with the California Consumer Privacy Act (CCPA) for California residents.

Infrastructure Security

Cloud Infrastructure: We use industry-leading cloud providers with robust security measures, including:

  • Regular security audits and penetration testing
  • DDoS protection and mitigation
  • Automated security monitoring and alerting
  • Disaster recovery and backup procedures

Vulnerability Reporting

We take security vulnerabilities seriously. If you discover a security issue, please report it to security@fluxlens.ai. We will respond promptly and work with you to resolve the issue.

Please do not publicly disclose vulnerabilities until we have had a chance to address them.

Security Best Practices

We recommend users:

  • Enable multi-factor authentication (MFA) on your account
  • Use strong, unique passwords
  • Regularly review connected integrations and revoke unused ones
  • Keep OAuth tokens secure and rotate them periodically
  • Monitor your account for suspicious activity

Contact

For security-related questions or concerns, contact our security team at security@fluxlens.ai.