Trust & Security

Your data security is our top priority. Learn about how we protect your information and maintain enterprise-grade security standards.

256-bit Encryption

GCP Infrastructure

Audit Logging

OAuth SSO

Data Encryption

All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Your workshop notes and client information are always protected.

Authentication

SSO via Google OAuth. OAuth 2.0 with secure token handling. No passwords stored for production users.

Access Control

Role-based access control (RBAC) at system, organization, and project levels. Principle of least privilege enforced.

Infrastructure

Hosted on Google Cloud Platform with private VPC networking, Cloud Armor WAF protection, and automatic scaling.

Audit Logging

Comprehensive audit logs of all user actions. Organization admins can view and export their audit trail for compliance.

Data Retention

Configurable data retention policies. Full data export in JSON format. Data deletion upon request within 30 days.

Compliance & Certifications

Current Measures

HTTPS/TLS encryption on all endpoints
OAuth 2.0 authentication
Role-based access control
Audit logging with 90-day retention
Data export for portability
Security headers (HSTS, CSP, etc.)

Exploring

GDPR Data Processing Agreements
Planned
Penetration testing
Planned

Subprocessors

We use the following third-party services to provide Exordia:

Provider	Purpose	Location
Google Cloud Platform	Infrastructure, Database, Storage	United States
Anthropic	AI Processing (Claude)	United States
Google (Gemini)	AI Processing	United States
Google OAuth	Authentication	Global
SMTP Provider	Transactional Email	United States

Security Questions?

If you have security concerns or want to report a vulnerability, please contact us.

admin@exordiacloud.com security.txt

Last updated: February 2026

Trust & Security

Your data security is our top priority. Learn about how we protect your information and maintain enterprise-grade security standards.

256-bit Encryption

GCP Infrastructure

Audit Logging

OAuth SSO

Data Encryption

All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Your workshop notes and client information are always protected.

Authentication

SSO via Google OAuth. OAuth 2.0 with secure token handling. No passwords stored for production users.

Access Control

Role-based access control (RBAC) at system, organization, and project levels. Principle of least privilege enforced.

Infrastructure

Hosted on Google Cloud Platform with private VPC networking, Cloud Armor WAF protection, and automatic scaling.

Audit Logging

Comprehensive audit logs of all user actions. Organization admins can view and export their audit trail for compliance.

Data Retention

Configurable data retention policies. Full data export in JSON format. Data deletion upon request within 30 days.

Compliance & Certifications

Current Measures

HTTPS/TLS encryption on all endpoints
OAuth 2.0 authentication
Role-based access control
Audit logging with 90-day retention
Data export for portability
Security headers (HSTS, CSP, etc.)

Exploring

GDPR Data Processing Agreements
Planned
Penetration testing
Planned

Subprocessors

We use the following third-party services to provide Exordia:

Provider	Purpose	Location
Google Cloud Platform	Infrastructure, Database, Storage	United States
Anthropic	AI Processing (Claude)	United States
Google (Gemini)	AI Processing	United States
Google OAuth	Authentication	Global
SMTP Provider	Transactional Email	United States

Security Questions?

If you have security concerns or want to report a vulnerability, please contact us.

admin@exordiacloud.com security.txt

Last updated: February 2026