B
Brief2Prod
by XappyTech
Security

Built secure. Honest about where we are.

We're working toward SOC 2 Type II. Here's how we approach security in the meantime, and what we commit to.

01 — Principles

How we protect your data.

Encryption

Your data is encrypted both at rest and in transit using industry-standard cryptography. Your ESP credentials receive additional protection with hardware-backed encryption.

Authentication & access control

Multi-factor authentication available. Session management with auto-expiry. Role-based access controls within your organization.

Infrastructure

We carefully select infrastructure and service providers with strong security postures. All our critical vendors maintain SOC 2 Type II certifications or equivalent.

Tenant isolation

Your organization’s data is architecturally isolated from other organizations. Not just by policy — by code.

Data minimization

We collect only what we need to provide the service. Your email content is never used to train AI models. We don’t share or sell your data — ever.

02 — Commitments

What we promise.

  1. Your data is yours.You own everything you create in Brief2Prod. We process it only to provide the service. We do not train AI models on your content.
  2. No surprises.We will never make substantive changes to how we handle your data without notifying you in advance.
  3. Right to leave.Email us anytime to delete your account and all associated data. We honor deletion requests within 30 days.
  4. Honest communication.If we have a security incident, we’ll tell you promptly and explain what happened — without legal hedging.
03 — Privacy

Your data is yours.

We're a Canadian company. We take privacy seriously and honor data subject rights — access, deletion, portability — regardless of where you're located.

See our Privacy Policy for full details on how we handle your data, including your rights and how to exercise them.

Read Privacy Policy Read Terms of Service

Email privacy@brief2prod.com for privacy-related requests.

04 — Reporting

Found something? Tell us first.

We take security seriously. If you've found a vulnerability:

Email
security@brief2prod.com
Response time
Within 48 hours during business days
Safe harbor
For good-faith security research
Disclosure
Coordinated disclosure preferred
Bug bounty
In development

We acknowledge security contributions publicly with researcher permission.

05 — Questions

Questions about security or privacy?

Reply directly to either:

  • security@brief2prod.comSecurity issues
  • privacy@brief2prod.comPrivacy requests

We respond within 48 hours during business days · Real conversations, not ticket queues

Read Privacy PolicyRead Terms of Service