Legal
Last updated May 1, 2026 · Questions? contact us.
Security is part of the runtime, not a bolt-on. This page summarises how we protect your graphs, data and credentials — and how to report an issue.
We maintain independent attestations and align our controls to recognised standards:
Data is encrypted in transit (TLS 1.3) and at rest (AES-256). Secrets are stored in an isolated vault, scoped per node, and never written to run logs.
Each tenant runs in an isolated execution context. Internal access follows least-privilege, requires SSO and hardware keys, and is logged and reviewed.
The runtime is multi-region with automated failover. Backups are encrypted, tested by restore, and retained per policy. Durable runs let workloads survive infrastructure events.
Found a vulnerability? We want to hear from you. Email security@fix.net with details; we acknowledge within 48 hours and run a coordinated-disclosure program with researcher recognition.
Our infrastructure providers are bound by security and data-processing terms. Live availability is published on the status page.