Skip to main content

Security

Your security and privacy are our top priorities

Our Commitment to Security

At Legionarius AI, we understand that trust is earned through consistent, secure practices. We implement comprehensive security measures to protect your personal information, diary entries, and all data you entrust to our services.

Data Encryption

End-to-End Encryption

All sensitive data, including diary entries and personal communications, is protected with end-to-end encryption. This means your data is encrypted on your device before transmission and can only be decrypted by you.

Data in Transit

All data transmitted between your device and our servers is protected using TLS 1.3 encryption, ensuring your information remains secure during transmission.

Data at Rest

Data stored on our servers is encrypted using AES-256 encryption standards, providing military-grade protection for your stored information.

Infrastructure Security

  • Secure Cloud Infrastructure: We use industry-leading cloud providers with SOC 2 Type II compliance
  • Network Security: Multi-layered firewalls and intrusion detection systems
  • Access Controls: Strict access controls with multi-factor authentication for all team members
  • Regular Security Audits: Quarterly penetration testing and security assessments
  • Data Backup: Encrypted, geographically distributed backup systems

Application Security

Secure Development Practices

  • Security-first development methodology
  • Regular code reviews and security testing
  • Automated vulnerability scanning
  • Secure coding standards and guidelines

Authentication & Authorization

  • Multi-factor authentication (MFA) available
  • OAuth 2.0 and OpenID Connect standards
  • Role-based access control (RBAC)
  • Session management and timeout controls

Privacy by Design

  • Data Minimization: We collect only the data necessary for service functionality
  • Purpose Limitation: Data is used only for stated purposes
  • User Control: You maintain control over your data with easy export and deletion options
  • Transparency: Clear documentation of data practices and security measures

Compliance & Certifications

We maintain compliance with major security and privacy frameworks:

  • GDPR (General Data Protection Regulation)
  • CCPA (California Consumer Privacy Act)
  • SOC 2 Type II compliance (in progress)
  • ISO 27001 standards alignment
  • OWASP security guidelines

Incident Response

We maintain a comprehensive incident response plan that includes:

  • 24/7 security monitoring and alerting
  • Rapid response team for security incidents
  • Clear communication protocols for affected users
  • Post-incident analysis and improvement processes
  • Coordination with relevant authorities when required

Your Role in Security

Security is a shared responsibility. You can help protect your account by:

  • Using a strong, unique password
  • Enabling multi-factor authentication
  • Keeping your devices and apps updated
  • Being cautious about phishing attempts
  • Logging out of shared or public devices
  • Reporting suspicious activity immediately

Security Updates

We continuously monitor for security threats and regularly update our systems. Security patches and updates are applied promptly to ensure ongoing protection of your data.

Third-Party Security

When we work with third-party services, we ensure they meet our security standards:

  • Due diligence security assessments
  • Contractual security requirements
  • Regular security reviews of vendors
  • Data processing agreements that protect your information

Report Security Issues

If you discover a security vulnerability or have security concerns, please contact us immediately:

Security Team
Email: security@legionarius.ai

We appreciate responsible disclosure and will work with security researchers to address any identified vulnerabilities promptly.