CoFounder.AITrust Center
Pursuing SOC 2 Type I

Security & compliance at CoFounder.AI

We take the security of founders’ data seriously. This is a summary of our program. Approved auditors, customers, and investors can enter our data room to read our policies and system description — and ask our AI compliance assistant questions directly.

SOC 2

CoFounder.AI, Inc. is pursuing SOC 2 Type I. Our security program is documented and continuously improving ahead of an independent examination.

Hosting

Runs on Google Cloud Platform behind Cloudflare (DNS, WAF, DDoS protection, TLS). Infrastructure managed as code and access-controlled.

Encryption

Encryption in transit (TLS) everywhere and at rest via Google-managed keys. Secrets are stored in Google Secret Manager, never in source.

Access control

Google / LinkedIn SSO with optional TOTP two-factor. Administrative access is least-privilege and restricted to verified staff identities.

Tenant isolation

Each customer's project data lives in an isolated PostgreSQL schema, with a per-project agent runtime — no cross-tenant access.

Subprocessors

A maintained register of subprocessors (cloud, AI, communications, billing) is available in the data room, with the data each processes.

The SOC 2 data room

Inside, you’ll find our system description, security policies, data architecture, and subprocessor register — plus an AI compliance assistant that answers questions grounded in those documents. Materials are confidential and provided under a confidentiality acknowledgement for security due-diligence purposes only.

  • System description & security policies
  • Data architecture & subprocessor register
  • AI assistant for grounded Q&A
  • Time-limited, revocable access

Request access

Tell us who you are and why you need access. We review each request.

Materials are confidential and provided under a confidentiality acknowledgement.