Security & Privacy
Duvo is an AI-native automation platform that automates complex processes across UIs and APIs. The platform is designed so that automation reduces risk: assignments operate within strict access boundaries, every action is auditable, and our use of AI vendors is governed by clear contractual and technical controls.
1. Security Governance & Control Framework
Control framework
Duvo is SOC 2 Type II certified
Controls aligned with SOC 2 Trust Services Criteria (Security, Availability, Confidentiality)
Duvo maintain strict controls around data security, availability, and confidentiality
Risk & oversight
Security and risk reviewed at executive level on a regular cadence.
Annual formal risk assessment with documented treatment plans and remediation tracking.
Policies & training
Core policies (Information Security, Access Control, Vendor Risk, Data Protection & Privacy, Incident Response, Acceptable Use) reviewed at least annually.
All employees complete mandatory security and privacy training at onboarding and annually thereafter.
2. Infrastructure & Platform Security
Hosting & network
Hosted on leading cloud providers with hardened configurations and network segmentation.
Full disclosure of subprocessors available upon request.
Identity, access & MFA
All access to production systems is authenticated, role-based, and enforced with MFA and least-privilege.
Encryption & key management
In transit: TLS 1.2+ for all external and internal service communications.
At rest: Industry-standard encryption (e.g., AES-256) for databases, storage, and backups.
Keys managed via cloud-native KMS, with access controls and rotation policies.
Endpoint & device security
Company endpoints use full-disk encryption
Monitoring, availability & incident response
Centralized logging and monitoring of infrastructure, application health, and security-relevant events.
Redundant, multi-AZ architecture designed to minimize downtime.
Documented incident response plan, on-call rotation, and post-incident review process.
Vulnerability management
Regular automated scanning of infrastructure and applications.
Patch management and remediation timelines driven by risk severity.
3. Application, Assignment & Browser Security
Authentication, SSO & RBAC
Unique accounts for all users
Fine-grained RBAC across:
Human roles (admins, managers, users).
Assignments themselves (which systems, environments, and actions an assignment can perform).
Assignments can only access systems that are within security scope of users using the assignments to perform processes
Tenant isolation
Logical segregation of customers at the application and data layers.
Cross-tenant access is technically prevented; multi-tenant components enforce tenant scoping in all queries.
Secure SDLC & environments
All production changes are peer-reviewed and tracked in version control.
Automated and manual testing (including regression and security checks) before deployment.
Strict separation of dev / staging / production; production data is not used in lower environments.
Automation & Duvo "Enterprise Browser"
UI automation runs in ephemeral remote browser sandboxes, not on end-user devices.
Browsing sessions are isolated per task, local storage is not shared between customers.
Logins for target systems (e.g., internal portals) are stored in hardened secret stores and scoped to specific assignments/workflows.
Human-in-the-loop & approvals
Assignments can be configured to request explicit human approval for high-risk actions (e.g., changes in internal systems, sending external emails).
All approvals, rejections, and resulting actions are fully logged.
Auditability
Comprehensive audit trails for assignment jobs, configuration changes, access changes, and approvals.
4. Data Protection & Privacy
Data classification & lifecycle
Retention and deletion policies for logs, configuration, and content aligned with contractual and regulatory obligations.
Access to customer data
Role-based, need-to-know access to production data; approvals and access are time-bound wherever possible.
All privileged access is logged and regularly reviewed (at least quarterly access reviews).
Privacy & regulatory alignment
Program aligned with GDPR principles, support for data subject rights (access, deletion, rectification) through defined processes.
Public Privacy Policy, DPAs, and list of sub-processors available on request.
Deletion & anonymization
Capabilities to delete or render data unusable on request, including end-user content and workspace data, subject to legal and backup constraints.
5. Use of AI / LLM Providers (Anthropic ZDR & Others)
Anthropic as primary AI provider
Duvo integrates Anthropic's Claude models as a core reasoning engine under enterprise commercial terms.
Zero Data Retention (ZDR)
All Anthropic API calls from Duvo are made in Zero Data Retention mode:
Prompts and outputs are not logged for training,
Not retained beyond transient processing by Anthropic.
Duvo does not use Anthropic's consumer interfaces (e.g., free/pro web UI) for customer workloads.
Data minimization & protection with LLMs
Only the minimal context required to perform a task is sent to the model.
Other model providers / BYO endpoints
Support for other enterprise LLM APIs and customer-hosted model endpoints.
You can constrain the platform to specific providers, regions, or endpoints that satisfy your data residency and compliance requirements.
Vendor risk management
Critical sub-processors (LLM providers, cloud, browser sandboxing, observability) undergo security and privacy review.
DPAs and data-handling terms are in place, with clear limits on data use and confidentiality obligations.
Last updated