Trust signals

SOC 2 Type II audit in progress with target completion Q3 2026. Controls for security, availability, and confidentiality are implemented. Report will be available to enterprise customers upon completion.

Full GDPR compliance: data processing agreements, right to access/delete/port, consent management, DPO contact, and 72-hour breach notification. EU data processed in EU-West region.

California Consumer Privacy Act compliance: right to know, right to delete, right to opt out, non-discrimination. We do not sell personal information.

Personal Information Protection and Electronic Documents Act compliance for Canadian users. Consent-based data collection, purpose limitation, and individual access rights.

All payment processing is handled by Stripe, a PCI-DSS Level 1 certified payment processor. Mani never stores, processes, or transmits card data. Your payment information goes directly to Stripe.

Target uptime of 99.9% for all production services. Real-time status monitoring with public status page. Incident response within 15 minutes for critical issues.

Your Brand DNA, generated content, and usage data are never used to train AI models. Your data is yours. Generation outputs are not shared between accounts or used to improve models for other customers.

All data encrypted at rest using AES-256-GCM. All data encrypted in transit using TLS 1.3. Database connections encrypted. Backups encrypted. No exceptions.