--- title: "Maybe* Security" last_updated: "2026-04-27T06:42:02.763Z" category: "FAQ" canonical_url: "https://maybeclients.com/h/maybe-help-centre/maybe-security" help_centre: "Maybe* Help Centre" --- # Maybe* Security How does your AI handle sensitive or confidential data? Maybe* implements a robust security framework that includes encrypted communications and strict access controls. Our platform operates on a 'Privacy by Design' principle with integrated GDPR & Regulatory Compliance. We utilise secure cloud storage through Google Cloud and Cloudflare, ensuring all data is handled with the highest security standards. Do you store user data? If so, for how long and where? - We store data in secure cloud storage (Google Cloud, Cloudflare) - Maybe* does not use any client data for AI model training - Users have full data sovereignty and lifecycle control - Data can be instantly removed upon request - Comprehensive audit trails are maintained for all data interactions Is the data encrypted both in transit and at rest? Yes, Maybe* implements encrypted communications with strict access controls as part of our ongoing Zero-Trust Security Framework. Can users opt out of data collection or request data deletion? Yes, Maybe* provides: - Full data sovereignty and lifecycle control - Instant data removal capabilities - Comprehensive audit trails - Complete control over data lifecycle management Do you comply with GDPR, CCPA, or other relevant data privacy laws? Yes, Maybe* maintains: - Standardised GDPR & EU AI Act Compliance - SOC 2 compliance via OpenAI Enterprise Agreement - Cyber Essentials certification - Integrated regulatory compliance frameworks How do you protect your AI models from adversarial attacks? Maybe* implements a multi-layered security approach: - Security Oversight Agent for real-time monitoring - Chaperone Agent for human interaction oversight - Integrated Master Orchestration layer - AI-driven Security & Compliance Monitoring - Real-time security monitoring displays Can Your AI be manipulated or biased by external inputs? We implement several safeguards: - Bias Mitigation & Explainability through innovative EDI agent development - Collaboration with diversity experts - Multi-LLM Strategy with flexible model selection - Automated optimisation processes - Regular monitoring and adjustment of AI behaviours What certifications and compliance standards do you maintain? - SOC 2 certification via OpenAI Enterprise Agreement - Cyber Essentials certified - GDPR & EU AI Act Compliance - 99.5% service availability with real-time monitoring How do you handle incident response? Maybe* has a standardised incident response system: - P0: Immediate response, 24-hour resolution - P1: 1-hour response, 48-hour resolution - P2: 4-hour response, 72-hour resolution - Live support via Slack (09:30-17:00 GMT/BST) or your selected interface Who has access to the AI model and its data? Maybe* implements: - Role-based access controls - Strict access control mechanisms - Full admin control over autonomous AI actions - Comprehensive audit trails with admin access to AI logs - Explainability dashboards Can we integrate AI with our existing security protocols? Yes, Maybe* offers: - Universal Connector Framework with bi-directional data flow - API access with tiered rate limits (1–200 requests per second) - Seamless integration with major CRM, ERP, and business systems - Enterprise-level API & UI Integration capabilities How does the AI make decisions, and can users see explanations? Maybe* provides: - Full admin access to AI logs and explainability dashboards - Real-time monitoring displays for security transparency - Automated AI-driven insights - Customisable interfaces for enterprise deployment - AI-enhanced analytics and business intelligence Can users challenge or override AI-generated outcomes? Yes, through: - Expanded Human Hand-off Controls for AI intervention points - Flexible AI workflow rules - Customisable Agent Configuration tool - Integrated Human-AI Collaboration features