Enterprise-Grade Security

Security at TruthAGI.ai

We employ multiple layers of security to protect your data and ensure the integrity of our platform.

  • AES-256 Encryption
  • LGPD/GDPR Compliant
  • 24/7 Monitoring
  • 2FA/TOTP Support

Your Data is Protected

At TruthAGI.ai, we protect your conversations, API keys, and personal information with multiple layers of security. Your data is encrypted with your own unique key, so even we can't access it. We continuously test and monitor our systems to keep you safe.

Your Stored Data

  • Your own encryption key - generated from your password, unique to you
  • Military-grade encryption - same standard used by banks and governments
  • Isolated data - your information is separate from other users
  • We can't access your data - your key exists only when you need it
  • 2FA codes protected - your two-factor authentication is encrypted too

Data in Transit

  • Secure connection - all data encrypted while traveling between you and our servers
  • Always HTTPS - your browser automatically uses encrypted connections
  • Protection from hackers - prevents eavesdropping and data tampering
  • Browser security - additional protections against malicious websites

Account Protection

Password Protection

  • Strong password requirements
  • Passwords are never stored directly
  • Resistant to brute-force attacks
  • Unique protection per account

Two-Factor Authentication

  • Works with Google Authenticator
  • Backup codes for account recovery
  • Extra layer of security
  • Optional but recommended

Session Security

  • Secure login sessions
  • Automatic logout after inactivity
  • Track active devices
  • One-click logout everywhere

Protection Against Common Attacks

Database Attack Prevention

Our platform is protected against SQL injection attacks - one of the most common ways hackers try to steal data. We automatically clean and validate all inputs before they touch the database.

Malicious Code Protection

We block cross-site scripting attacks that try to inject malicious code into your browser. Your sessions are safe from unauthorized scripts.

Request Forgery Protection

Each action you take includes a unique security token to prevent unauthorized requests. Attackers can't trick your browser into performing actions on your behalf.

Input Validation

Every piece of information you send us is carefully checked to ensure it's safe and expected. This prevents command injection and malicious file access attempts.

Server & Network Protection

Note: We use enterprise-grade hosting providers (Render.com and Cloudflare) to ensure maximum uptime and protection.

Network Protection

  • Protected against DDoS attacks
  • Isolated network infrastructure
  • Automatic abuse prevention
  • Restricted admin access

System Maintenance

  • Constant security updates
  • Only essential services running
  • Continuous security monitoring
  • Active intrusion detection

24/7 Security Monitoring

We continuously monitor for suspicious activity and keep detailed logs to protect your account:

What We Track

  • Login attempts and successes
  • Suspicious access patterns
  • Attack attempts on your account
  • Unusual activity detection
  • System performance issues

How We Respond

  • Logs kept secure for 90 days
  • Instant threat detection
  • Automatic security alerts
  • Regular security reviews
  • Protected, tamper-proof records

Your API Keys Are Safe

If you use your own API keys (OpenAI, Anthropic, etc.), we protect them with the highest security standards:

How We Store Them

  • Encrypted with your unique key
  • Military-grade encryption
  • Never stored in plain text
  • Protected while stored and traveling

Your Control

  • Only you can access your keys
  • Other users cannot see your keys
  • Track when keys are used
  • Delete keys anytime

Safe & Secure Payments

Powered by Stripe

All payments are processed by Stripe, trusted by millions worldwide. We never see or store your full credit card information.

  • Bank-level security for all transactions
  • Your card details stay with Stripe, not us
  • Extra verification for European cards
  • Automatic fraud detection
  • Secure communication with payment provider

Privacy & Data Protection

LGPD (Brazil)

We follow Brazil's data protection law - you have control over your personal information and can request deletion at any time.

GDPR (Europe)

Full compliance with European privacy laws - your data rights are protected including the right to be forgotten.

SOC 2

We meet industry standards for security, availability, and confidentiality of customer data.

If Something Goes Wrong

If there's ever a security issue, here's exactly what we'll do:

  1. We'll Detect It Fast - Our monitoring systems watch for problems 24/7 and alert us immediately
  2. We'll Stop It - We immediately isolate the problem to prevent it from spreading
  3. We'll Fix It - We remove the threat completely and get everything back to normal
  4. We'll Tell You - If your data was affected, we'll notify you within 72 hours (required by law)
  5. We'll Learn From It - We analyze what happened and improve our security to prevent it from happening again

Found a Security Issue? Let Us Know

We appreciate security researchers and users who help us keep the platform safe. If you discover a security problem, please report it responsibly:

  1. Send details to security@truthagi.ai
  2. Describe the issue and how you found it
  3. Include steps to reproduce it (if you can)
  4. Give us time to fix it before telling others
  5. Please don't delete data or access other users' information while testing

What we'll do: Reply within 48 hours, keep you updated on progress, give you credit if you want it, and work with you to fix the issue.

How to Keep Your Account Safe

Do This

  • ✓ Turn on Two-Factor Authentication (extra protection)
  • ✓ Use a strong, unique password
  • ✓ Keep your email account secure
  • ✓ Check your security logs occasionally
  • ✓ Log out when using shared computers
  • ✓ Keep your browser updated
  • ✓ Consider using a password manager

Don't Do This

  • ✗ Share your password with anyone
  • ✗ Use public WiFi without a VPN
  • ✗ Click on suspicious or unknown links
  • ✗ Reuse passwords from other websites
  • ✗ Ignore security warnings
  • ✗ Write passwords down in plain text
  • ✗ Use weak passwords like "password123"

Get in Touch

Have questions about security? Need to report something? We're here to help:

Security Issues: security@truthagi.ai

General Questions: support@truthagi.ai

Company: AletheionAGI

Based in: Florianópolis, Brazil

© 2024 AletheionAGI. All rights reserved.