Trust & Compliance
Security Guarantee: Zero-Retention
We treat your data like toxic waste. EdgeMask is built from the ground up with a zero-trust, zero-retention architecture designed for the most security-conscious enterprise environments.
Our Security Philosophy
EdgeMask operates on the principle that the best data protection is not handling data at all. Sensitive content is processed in-memory at the edge and immediately discarded. Nothing is stored. Nothing is logged. Nothing is exposed.
Zero-Logging
We do not persist prompt or response bodies.
- No prompt content is ever written to disk or database
- No response bodies are retained after delivery
- Metadata logging is limited to anonymized request counts
- Audit logs contain only access patterns, never content
- Configurable log retention policies for compliance teams
TLS 1.3 End-to-End Encryption
End-to-end encryption from your server to our edge, and our edge to the provider.
- All traffic is encrypted with TLS 1.3 — the latest standard
- Perfect forward secrecy (PFS) on all connections
- Certificate pinning for enterprise configurations
- No SSL termination at intermediate hops
- Automatic certificate rotation and renewal
SOC2 Compliance Ready
Designed to meet the strictest enterprise security requirements.
- SOC2 Type II controls built into every layer
- Annual third-party security audits
- Continuous monitoring and vulnerability scanning
- Incident response plan with defined SLAs
- Data processing agreements (DPA) available on request