Security Policy
Plantel Inc. — Texas-incorporated.
1. Security commitments
SOC 2 Type II Aligned. ISO 27001:2022 Aligned. HIPAA-aligned controls.
2. Encryption
TLS 1.3 in transit. AES-256 at rest. Per-tenant key separation.
3. Access controls
Per-agent identity (Ed25519). SSO/SAML/SCIM. MFA required for admin access.
4. Infrastructure
Encrypted backups. Audit log retention up to 7 years.
5. SOC 2 / ISO 27001 status
SOC 2 Type II Aligned. ISO 27001:2022 Aligned. We are not yet certified; formal SOC 2 and ISO 27001 audits are on our roadmap.
6. Penetration testing
Independent penetration testing is planned ahead of general availability.
7. Vulnerability disclosure
We welcome coordinated vulnerability disclosure. Report security concerns to security@plantel.ai.
8. Incident response
24-hour notification for confirmed breaches affecting customer data. Status page updates in real time.
Last updated 2026-05-18. Templated v1; outside counsel review pending per ADR-005.
Questions: legal@plantel.ai