Security

Foundersmate, a product of BOSC Tech Labs Private Limited, is committed to maintaining the highest standards of security, privacy, and data protection.

We understand that our users share sensitive business information — including product ideas, strategies, and technical requirements. Protecting this data is a core priority.

This document outlines how we secure your data, systems, and infrastructure.

We follow these core principles:

• Data Confidentiality — Your data remains private and accessible only to authorized users
• Data Integrity — Your data is protected from unauthorized modification
• System Availability — Our systems are designed for reliability and uptime
• Transparency — We clearly communicate how your data is handled

Foundersmate is built on secure, industry-standard cloud infrastructure.

Key Measures:

• Hosted on secure cloud environments (e.g., Google Cloud or equivalent)
• Data centers with physical security controls
• Network-level protections including firewalls and traffic filtering
• Isolation between services and environments

We use strong encryption mechanisms to protect your data:

In Transit

All data is encrypted using HTTPS.

At Rest

Data is encrypted using industry-standard encryption protocols.

We enforce strict access control policies:

• Secure user authentication (email/password-based login)
• Role-based access control (especially for Agency plans)
• Internal access restricted to authorized personnel only
• Least-privilege access principles followed

We implement best practices in secure software development:

• Input validation and sanitization
• Protection against common vulnerabilities
• Secure API design and access handling
• Regular code reviews and testing

Foundersmate integrates AI responsibly and securely.

AI Providers

• OpenAI
• Google Cloud AI
• Claude AI

Data Handling

• Data shared with AI providers only for generating outputs
• No use of customer data for public AI model training
• Minimal and controlled data exposure

We ensure strict separation of user data:

• Each user/account data is logically isolated
• No cross-access between users or organizations
• Agency accounts support controlled team-level permissions

We continuously monitor systems to detect and prevent threats:

• Real-time logging and monitoring
• Suspicious activity detection
• Rate limiting and abuse prevention
• Incident alerting mechanisms

• Data is retained only as long as necessary
• Users can request data deletion at any time
• Deleted data is securely removed or anonymized

To ensure data availability:

• Regular automated backups
• Disaster recovery mechanisms
• Recovery procedures tested periodically

We work only with trusted third-party providers:

• Payment processing via Stripe
• Cloud and AI providers with strong security compliance

We ensure all vendors follow strict data protection standards.

In case of a security incident:

• Immediate investigation and containment
• Remediation and preventive actions

We align with globally recognized standards and practices:

• GDPR principles (for international users)
• Industry-standard security frameworks
• Secure data processing and handling practices

You also play a role in keeping your account secure:

• Use strong passwords
• Do not share login credentials
• Report suspicious activity immediately

If you discover a vulnerability or have concerns, contact us at info@foundersmate.ai.

We take all reports seriously and respond promptly.