Security & Compliance

Security is foundational to SpecNavi. We protect your product requirements with enterprise-grade security, verified processes, and full audit trails.

Security Principles

Our security philosophy focuses on data protection, verified processes, and transparency. We never train AI models on customer data without explicit consent.

No Training on Customer Data

Your source documents and generated requirements are never used to train our AI models. Data isolation is guaranteed.

Verified Generation Only

All AI-generated content passes through verification and human approval before reaching your stakeholders.

Full Audit Trail

Every action is logged. Track who created, modified, or approved each requirement with complete lineage.

Human Approval Required

Critical gates ensure human review before any requirement is published or exported.

Data Protection

Encryption

TLS 1.3 for data in transit
All connections use HTTPS with modern encryption protocols
AES-256 for data at rest
Customer data encrypted when stored in our databases

Access Controls

Role-Based Access Control (RBAC)
Enterprise tiers control who can access, edit, and approve
Comprehensive audit logging
All user actions logged for compliance and security review

Infrastructure & Compliance

SOC 2 Type II Compliant Infrastructure

SpecNavi is hosted on Vercel, which maintains SOC 2 Type II compliance for its infrastructure. This covers data center security, access controls, change management, and environmental controls.

View SOC 2 Controls

Detailed documentation of SOC 2 Common Criteria (CC1-CC9) security controls.

Penetration Testing

Contact for details: Security testing summary and remediation plans available for enterprise customers.

Additional Certifications

Contact for details: Information about additional compliance certifications and third-party audit reports.

Need Security Documentation?

Our security team is available to answer detailed questions, provide documentation for your procurement process, or complete your security questionnaire.

Request Security Review Contact Enterprise Sales

For complete details on data practices, see our Privacy Policy and Terms of Service.