Skip to main content
Cumple con SOC 2 Type II

Arquitectura de Seguridad Empresarial

Encriptación de nivel bancario y controles de privacidad diseñados para datos confidenciales.

Security Commitments

Cero Entrenamiento con Datos

Tus datos nunca se usan para entrenar IA, venderse o compartirse.

Full Data Ownership

You own 100% of your data. Export everything, delete anytime, zero retention after account closure.

Enterprise Infrastructure

Microsoft Azure cloud with ISO 27001 compliance and 24/7 threat monitoring.

Infrastructure Architecture

Microsoft Azure Cloud

All data is hosted on Microsoft Azure with enterprise-grade security, compliance, and redundancy.

ISO 27001Listo para GDPR99.99% Uptime SLATLS 1.3 + AES-256

Estándares de Encriptación

  • En tránsito: TLS 1.3
  • En reposo: AES-256
  • Claves: HSM

Access Control

  • Multi-Factor Authentication (MFA): Required for all accounts
  • Role-Based Access Control (RBAC): Granular permissions per user
  • Session Management: Automatic timeout after 30 minutes of inactivity
  • IP Whitelisting: Available for enterprise accounts

Simplified Security Architecture

Client (TLS 1.3)
Azure Load Balancer
MiCoach API (Encrypted)
Azure Storage (AES-256)
Supabase Auth
AI Analysis Engine

All connections encrypted end-to-end with zero plaintext storage

Data Governance

Data Ownership

You retain 100% ownership of all communication data, analysis results, and generated insights. MiCoach acts solely as a processor, not an owner.

Legal guarantee: Your data is your property. We cannot and will not use it for any purpose other than providing you with executive intelligence services.

Retention Policy

  • Active Accounts: Data retained as long as account is active
  • Deleted Sessions: Permanently removed within 30 days (including backups)
  • Account Closure: All data permanently deleted within 30 days of request
  • Backups: Encrypted backups retained for disaster recovery, deleted per schedule

AI Model Training Policy

Zero Model Training Commitment

MiCoach NEVER uses your communication data to train AI models. Your executive sessions, board meetings, and investor pitches are strictly confidential and excluded from any training datasets.

Compliance & Certifications

Current Compliance

  • Listo para GDPR
  • Azure ISO 27001 Infrastructure
  • TLS 1.3 + AES-256 Encryption

Compliance Roadmap

  • Cumple con SOC 2 Type II — Q3 2025
  • ISO 27001 Direct Certification — 2026
  • HIPAA Compliance — On Request

Incident Response

MiCoach maintains a 24/7 security operations center (SOC) and incident response team:

Detection

Real-time threat monitoring, anomaly detection, intrusion prevention systems

Response

Immediate containment, forensic analysis, customer notification within 24h

Recovery

Automated failover, encrypted backups, disaster recovery SLA < 4 hours

Reporting

Transparent incident reports, root cause analysis, preventive measures

Security Contact

For security inquiries, vulnerability reports, or enterprise security assessments:

Email: security@mi.coach

Expected response time: < 24 hours for critical issues, < 48 hours for general inquiries