Security & trust

Your customer data, protected by design.

AutomateNexus CRM is built for teams that can't compromise on security. Encryption everywhere, enterprise access control, AI governance, and data you own outright — so you can adopt agents without giving up control.

How we protect you

Six layers, working together.

Security isn't a setting you turn on. It's how the whole platform is built — from the database to the agents to the export button.

Data protection

Every byte is encrypted in transit with TLS 1.2+ and at rest with AES-256. Secrets and API keys are stored in an isolated vault, never in plaintext.

  • TLS 1.2+ in transit
  • AES-256 at rest
  • Isolated secrets vault
  • Encrypted backups

Access control

Enterprise SSO, granular roles, and row-level security keep the right people in the right records — and everyone else out.

  • SSO via SAML 2.0 & OIDC
  • Role-based access control (RBAC)
  • Row-level security
  • 2FA on every account
  • Admin impersonation with audit logging

Compliance posture

We operate to SOC 2-aligned controls and build GDPR-ready by default, with data residency options for teams that need them.

  • SOC 2-aligned practices
  • GDPR-ready
  • Data residency options
  • DPA available

Reliability

Redundant infrastructure, continuous monitoring, and a 99.9% uptime SLA on Agency keep your pipeline available when you need it.

  • 99.9% uptime SLA (Agency)
  • Continuous monitoring
  • Redundant infrastructure
  • Automated failover

AI governance & BYOK

Bring your own model keys, keep humans in the loop on sensitive actions, and review every agent decision in a complete audit trail.

  • Bring your own model keys (BYOK)
  • Human-in-the-loop approvals
  • Full agent audit trail
  • Your data never trains third-party models

Data ownership

Your data is yours. Export everything — contacts, deals, notes, and history — anytime, in open formats, with no lock-in or exit fees.

  • One-click full export
  • Open formats (CSV / JSON)
  • Full API access
  • No exit fees

Compliance & standards

Built to the standards your buyers audit for.

SOC 2
Type II in progress
GDPR
Compliant
CCPA
Compliant
DPA
Available
Data & privacy

Your data is yours. We just keep it safe.

Clear commitments, in plain language — no fine print designed to confuse.

We never sell your data
Your CRM records and customer data are never sold, shared, or used to train third-party models.
You own your records
Export everything, anytime, in open formats. Leaving is as easy as joining.
Least-privilege access
Our team accesses customer data only when you request support — logged and time-boxed.
Data residency on request
Enterprise and agency customers can request a specific hosting region for their workspace.
Sub-processors disclosed
A current list of every sub-processor we use is available and kept up to date.
Breach notification
A clear, fast incident process — you're notified promptly if anything affects your data.

Least privilege by default

Row-level security and granular roles mean people only ever see the records they're meant to.

Governed AI

Every agent action is logged, reversible where it matters, and gated behind approvals on anything sensitive.

Yours to take

No lock-in. Export the whole workspace in open formats whenever you want, no questions asked.

Security FAQ

The questions security teams ask first.

Yes. All data is encrypted in transit with TLS 1.2 or higher and encrypted at rest with AES-256. Backups are encrypted as well, and secrets such as API keys are held in an isolated vault rather than in your records.

Bring agents in without giving up control.

Talk to our team about your security requirements, request documentation, or start a trial in your own environment.