AHIADVANCED HUMAN INTELLIGENCE Back to Home

Security at AHI

Your fundraising data is sensitive. We treat security as a product feature, not a compliance checkbox.

Encryption

All data encrypted at rest (AES-256) and in transit (TLS 1.3). Vault files use additional encryption layers. OAuth tokens encrypted at rest.

Access control

Role-based permissions. Data rooms have per-investor access with full audit trails. All integrations use least-privilege, read-only OAuth scopes.

Audit logging

Every file view, download, and share is logged with timestamps and viewer identity. Full accountability on every document.

Infrastructure

SOC 2-compliant infrastructure. Automatic backups. DDoS protection. 99.9% uptime SLA.

Google Integration Security

AHI integrates with Google Workspace to power network mapping and calendar intelligence. We follow industry best practices for these integrations:

  • Read-only, always. AHI never modifies, writes to, or deletes from your Google account. Every scope we use is read-only.
  • Least privilege. We request only the minimum permissions each feature requires: contacts.readonly for network mapping, calendar.readonly for meeting sync. Nothing more.
  • Encrypted token storage. OAuth tokens are encrypted at rest and never exposed in client-side code or browser storage.
  • You control the sync. Data syncing only happens when you explicitly click the action in Settings. We never background-sync without your initiation.
  • Instant disconnection. Disconnecting Google in Settings immediately revokes the OAuth token at Google and deletes all stored tokens from our systems.
  • No selling. No advertising. Your Google data is never sold, shared for advertising, or given to third parties for their own purposes.

AHI's use of Google user data adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Authentication security

AHI supports email/password and Google Sign-In. Passwords are hashed using bcrypt. Sessions use short-lived JWT tokens with automatic refresh. All authentication flows are encrypted end-to-end.

Responsible disclosure

Found a security vulnerability? Email security@ahi.vc. We respond within 48 hours and take every report seriously.

Compliance

AHI is designed to support GDPR, CCPA, and SOC 2 compliance. We conduct regular third-party security assessments. Our Google API integration complies with Google's Limited Use policy.

Where your data lives

AHI processes data in the United States using SOC 2-compliant cloud infrastructure. EEA users: we apply appropriate safeguards for international data transfers.

Questions?

For security-related inquiries, contact security@ahi.vc.

LootMogul Inc., 2025 Gateway Place, Suite 240, San Jose, CA 95110.