Security at Archival

Archival processes sensitive data about how teams use AI. We take that responsibility seriously. This page outlines our approach to security, data handling, and infrastructure.

Our approach

Security is built into Archival from the architecture level, not bolted on after the fact. We follow least-privilege access principles, encrypt data at every layer, and isolate customer environments by design.

Data encryption

All data is encrypted in transit using TLS 1.2 or higher and at rest using AES-256 encryption. Encryption keys are managed through industry-standard key management services.

Tenant isolation

Customer data is logically isolated. There is no cross-tenant access by design. Each customer's data is segmented at the infrastructure level.

Access control

Internal access follows least-privilege principles. All access to production systems is logged and auditable. Role-based permissions ensure team members only access what they need.

Compliance

We are an early-stage company and do not yet hold SOC 2 or ISO 27001 certifications. We are actively working toward these and are happy to share our current security practices, architecture documentation, and answer any questions directly.

Questions?

If you have questions about our security practices or would like a detailed review, please reach out. We believe transparency is the best foundation for trust.