Security & Trust

This page exists for the person you forward it to — your security team, your procurement lead, your CISO. Here's what they need to know.

SOC 2 Type 2 Certified

Handle holds SOC 2 Type 2 certification. Full audit reports and policy documentation are available at trust.handle.work.

Least-privilege by design

Handlers receive only the context they need for the task at hand. Credentials are scoped per-integration, per-Handler. Your sensitive data is not exposed beyond the specific operation being performed.

Human-in-the-loop controls

Review and approve anything a Handler sends outside the company. Escalation policies, approval gates, and audit logs give your team full visibility and control over Handler actions.

End-to-end encryption

All data in transit and at rest is encrypted. For organisations with critical security requirements, BYO LLM options are available to keep inference within your own infrastructure.

Data retention & residency

Standard data retention policies apply. Enterprise customers can configure custom retention periods and data residency requirements.

Need more detail?

For security questionnaires, penetration test reports, or specific compliance questions, reach out directly.