Security

Encryption

Data is encrypted in transit (TLS) and at rest. Keys and storage are managed using industry-standard cloud controls appropriate to the sensitivity of the information we process.

Access control

• Role-based access within the product for advisers, paraplanners, and admins.
• Least-privilege access for AutoDraft staff to production systems.
• Authentication and session policies aligned with enterprise expectations.

AI and training data

We do not use your client data to train public AI models. Processing is scoped to delivering the service you subscribe to, with human review workflows where you require them.

Availability and monitoring

We monitor services for availability and suspicious activity. Incident response procedures are maintained and updated as we scale.

Compliance roadmap

We align with GDPR and work toward recognised assurance frameworks (for example ISO 27001) as part of our enterprise readiness. Ask for the latest status on a walkthrough.