Security & Privacy

Duvo is an AI-native automation platform that automates complex processes across UIs and APIs. The platform is designed so that automation reduces risk: assignments operate within strict access boundaries, every action is auditable, and our use of AI vendors is governed by clear contractual and technical controls.

1. Security Governance & Control Framework

Control framework

• Duvo is SOC 2 Type II certified

• Controls aligned with SOC 2 Trust Services Criteria (Security, Availability, Confidentiality)

• Duvo maintain strict controls around data security, availability, and confidentiality

Risk & oversight

• Security and risk reviewed at executive level on a regular cadence.

• Annual formal risk assessment with documented treatment plans and remediation tracking.

Policies & compliance

• Core policies (Information Security, Access Control, Vendor Risk, Data Protection & Privacy, Incident Response, Acceptable Use) reviewed at least annually.

• All Duvo employees complete mandatory security and privacy awareness programs at onboarding and annually thereafter.

2. Infrastructure & Platform Security

Hosting & network

• Hosted on leading cloud providers with hardened configurations and network segmentation.

• Full disclosure of subprocessors available upon request.

Identity, access & MFA

• All access to production systems is authenticated, role-based, and enforced with MFA and least-privilege.

Encryption & key management

• In transit: TLS 1.2+ for all external and internal service communications.

• At rest: Industry-standard encryption (e.g., AES-256) for databases, storage, and backups.

• Keys managed via cloud-native KMS, with access controls and rotation policies.

Endpoint & device security

• Company endpoints use full-disk encryption

Monitoring, availability & incident response

• Centralized logging and monitoring of infrastructure, application health, and security-relevant events.

• Redundant, multi-AZ architecture designed to minimize downtime.

• Documented incident response plan, on-call rotation, and post-incident review process.

Vulnerability management

• Regular automated scanning of infrastructure and applications.

• Patch management and remediation timelines driven by risk severity.

3. Application, Assignment & Browser Security

Authentication, SSO & RBAC

• Unique accounts for all users

• Fine-grained RBAC across:

  • Human roles (admins, managers, users).

  • Assignments themselves (which systems, environments, and actions an assignment can perform).

  • Assignments can only access systems that are within security scope of users using the assignments to perform processes

Tenant isolation

• Logical segregation of customers at the application and data layers.

• Cross-tenant access is technically prevented; multi-tenant components enforce tenant scoping in all queries.

Secure SDLC & environments

• All production changes are peer-reviewed and tracked in version control.

• Automated and manual testing (including regression and security checks) before deployment.

• Strict separation of dev / staging / production; production data is not used in lower environments.

Automation & Duvo "Enterprise Browser"

• UI automation runs in ephemeral remote browser sandboxes, not on end-user devices.

• Browsing sessions are isolated per task, local storage is not shared between customers.

• Logins for target systems (e.g., internal portals) are stored in hardened secret stores and scoped to specific assignments/workflows.

Human-in-the-loop & approvals

• Assignments can be configured to request explicit human approval for high-risk actions (e.g., changes in internal systems, sending external emails).

• All approvals, rejections, and resulting actions are fully logged.

Auditability

• Comprehensive audit trails for assignment jobs, configuration changes, access changes, and approvals.

4. Data Protection & Privacy

Data classification & lifecycle

• Retention and deletion policies for logs, configuration, and content aligned with contractual and regulatory obligations.

Access to customer data

• Role-based, need-to-know access to production data; approvals and access are time-bound wherever possible.

• All privileged access is logged and regularly reviewed (at least quarterly access reviews).

Privacy & regulatory alignment

• Program aligned with GDPR principles, support for data subject rights (access, deletion, rectification) through defined processes.

• Public Privacy Policy, DPAs, and list of sub-processors available on request.

Deletion & anonymization

• Capabilities to delete or render data unusable on request, including end-user content and workspace data, subject to legal and backup constraints.

5. Use of AI / LLM Providers (Anthropic ZDR & Others)

Anthropic as primary AI provider

• Duvo integrates Anthropic's Claude models as a core reasoning engine under enterprise commercial terms.

Zero Data Retention (ZDR)

• All Anthropic API calls from Duvo are made in Zero Data Retention mode:

  • Prompts and outputs are not used for model training,

  • Not retained beyond transient processing by Anthropic.

• Duvo does not use Anthropic's consumer interfaces (e.g., free/pro web UI) for customer workloads.

Data minimization & protection with LLMs

• Only the minimal context required to perform a task is sent to the model.

Other model providers / BYO endpoints

• Support for other enterprise LLM APIs and customer-hosted model endpoints.

• You can constrain the platform to specific providers, regions, or endpoints that satisfy your data residency and compliance requirements.

Vendor risk management

• Critical sub-processors (LLM providers, cloud, browser sandboxing, observability) undergo security and privacy review.

• DPAs and data-handling terms are in place, with clear limits on data use and confidentiality obligations.