Security at MadMantra
We take the security of your data seriously. Here's how we protect your information and your business.
Encryption
All data is encrypted in transit using TLS 1.2+. Sensitive data at rest is encrypted using AES-256. We enforce HTTPS across all endpoints.
Authentication
Secure authentication via email/password or Google OAuth. Session tokens are short-lived and securely stored. All auth flows are handled by trusted identity providers.
Access Controls
Role-based access control (Owner, Admin, Member, Viewer) for every workspace. Each company workspace is fully isolated — agents and data from one workspace cannot access another.
Payment Security
All payment processing is handled by Stripe, a PCI DSS Level 1 certified provider. We never store full credit card numbers on our servers.
AI Data Privacy
Your company data sent to AI providers is used only for processing your requests. We do not use your data to train AI models. Agent workspaces are isolated per company.
Infrastructure
Our platform runs on enterprise-grade cloud infrastructure with automated backups, redundancy, and monitoring. Data is hosted in secure data centers in the European Union.
Monitoring and Logging
All agent actions, workspace changes, and account activity are logged in a detailed activity feed. Suspicious activity triggers automated alerts for review.
Incident Response
We maintain an incident response process for identifying, containing, and remediating security incidents. Affected users are notified promptly in accordance with applicable laws.
Our Security Practices
Secure Development
We follow secure coding practices including input validation, parameterized queries, and protection against common vulnerabilities (OWASP Top 10). Code changes go through review before deployment.
Workspace Isolation
Every company workspace is fully isolated. Agents, files, tasks, chat history, and deployed applications are scoped to a single workspace. Team members only see workspaces they have been invited to.
Credit and Billing Security
Credit transactions are processed atomically to prevent double-spending or balance inconsistencies. When your balance reaches zero, all agents are automatically paused to prevent unintended charges. Real-time balance updates keep you informed.
Agent Safeguards
AI agents operate within defined boundaries. Each agent has configurable limits including budget caps, concurrent run limits, and approval requirements. You can pause, resume, or stop any agent at any time. Agents require explicit approval before executing high-impact actions when configured to do so.
Data Backups
Platform data and workspace files are backed up regularly using our cloud providers' built-in backup and recovery mechanisms. Database backups are performed automatically with point-in-time recovery available.
Reporting a Vulnerability
If you discover a security vulnerability in our platform, we appreciate your help in disclosing it responsibly. Please report security issues to:
MadMantra Security
Email: hello@madmantra.com
Please include a detailed description of the vulnerability and steps to reproduce it. We will acknowledge your report within 48 hours and work to resolve the issue promptly. We ask that you do not publicly disclose the vulnerability until we have had a chance to address it.