Trust Center
OpenAssistant's security posture, compliance certifications, and policy documents — all in one place.
Security is core to everything we build.
OpenAssistant handles calendar data, contact information, and communication metadata on behalf of users and their organizations. We take that responsibility seriously. This page summarizes our security and compliance program so you can make an informed decision about trusting us with your data.
Questions? security@openassistant.us
Certifications & Compliance
SOC 2 Type II
Audited annually by an independent CPA firm.
GDPR Compliant
Data protection rights for EU residents.
CCPA Compliant
Privacy rights for California consumers.
Encrypted in Transit & at Rest
TLS 1.2+ in transit. AES-256 at rest.
OpenAssistant is backed by Mozilla Ventures, an investment fund focused on security, privacy, and Trustworthy AI. Their backing reflects a shared commitment to building AI products people can actually trust.
How We Protect Your Data
Encryption
All data encrypted in transit via TLS 1.2+ and at rest via AES-256.
Access Controls
Role-based access and least-privilege principles enforced across all systems.
Annual Pen Testing
Third-party penetration tests conducted annually. Results available May 2026.
Vendor Management
All sub-processors bound by data processing agreements and security requirements.
No AI Training on Your Data
We never train on your data. AI providers are contractually prohibited from doing so.
Data Deletion
Delete your account and all associated data at any time. Completed within 30 days.