Legal

Security policy

A summary of opzo.ai’s security posture. For our full security pack — sub-processors, retention, incident response, AI use statement — please contact pitchumani.sankaran@opzo.ai.

Last updated: 10 May 2026

Hosting

Microsoft Azure Australia East (primary) and Australia Southeast (failover). All compute, storage, vector search and AI inference onshore.

Identity

Auth0 OIDC SSO across the suite. MFA available. Per-app and per-organisation role-based access control.

Encryption

TLS 1.2+ in transit. AES-256 at rest. Customer-managed keys via Azure Key Vault available on Enterprise plans.

AI safety

PII detection and redaction at the AI boundary. Cited reasoning. Reasoning trace persistence. Human-in-the-loop approval for high-stakes outputs.

Audit

Org-scoped audit log of all significant actions. Exportable. Retention configurable per plan.

This is a public summary. The legally binding document for your contract is the version executed as part of your subscription agreement. Please contact pitchumani.sankaran@opzo.ai with any questions.