Skip to content
Zyniq Labs

TRUST CENTER // SECURITY & PRIVACY

Trust & Security.

Operational security, compliance planning, infrastructure specifications, and data handling practices verified at Zyniq Labs.

HostingGoogle Cloud Platform
EncryptionTLS 1.3 / AES-256
Audit statusSOC 2 / ISO 27001 Planned
Compliance Status

Certifications & Frameworks

No compliance certification is displayed or claimed until independent third-party audits are fully completed.

SOC 2 Type II

Planned (Not Certified)

Designing our systems and operational security program around SOC 2 guidelines. Audit targets will be established as the platform matures.

ISO/IEC 27001

Planned (Not Certified)

Mapping information security management system (ISMS) controls. Regular risk analysis and remediation plans are ongoing.

HIPAA & PCI DSS

Not Currently Claimed

No healthcare or direct payment card storage is claimed. Future payment flows will be handled entirely via secure PCI-compliant processors.

Hosting Environment

Cloud Security & Architecture

Google Cloud Platform (GCP)

All compute, storage, and models reside on secure, enterprise-grade GCP instances located in optimized region groups.

Firebase Infrastructure

Websites are deployed via Firebase Hosting. Dynamic scoping requests write to cloud-managed Firestore databases.

Vertex AI integration

Where custom language models or pipelines are deployed, we use private Vertex AI secure endpoints with no external model telemetry sharing.

Security Baseline

Data Security Practices

Transport Layer Security

HTTPS and TLS 1.3 encryption are enforced on all network connections. Plain HTTP requests are automatically redirected to secure TLS routes.

Data At-Rest Encryption

Data stored within Firestore, Cloud Storage, and Google Cloud databases are encrypted at rest using AES-256 keys managed by Google Cloud KMS.

Principle of Least Privilege

Role-Based Access Control (RBAC) and Google Cloud IAM configurations restrict access to infrastructure solely to authorized core engineers.

Secret Management

Developer credentials, Firebase API keys, and environment secrets are injected at build or execution time using Google Cloud Secret Manager.

Firestore Security Rules

Strict database schema validation rules restrict read/write authorization. Clients can only write specific fields, preventing database pollution.

DDoS & Edge Protection

Rate limiting and distributed denial-of-service (DDoS) mitigation are handled natively via Firebase Hosting and Google Cloud edge networks.

Privacy Guard

Privacy-First Engineering

We implement data minimization principles where practical. User inquiries sent through the scoping client are persisted in Firebase, allowing users to request account or personal data deletion by contacting us. For complete guidelines, review our Privacy Policy .

Responsible AI

AI Guardrails & Transparency

We design AI pipelines to run with deterministic validation, persistent memory isolation, and structural guardrails. Our engineering doctrine focuses on preventing hallucination and maintaining human-in-the-loop checkpoints for enterprise decision actions.

Availability & SLAs

Our websites and public platforms are hosted on high-availability managed Google Cloud infrastructure. Zyniq Labs does not currently offer a formal uptime service level agreement (SLA) for public projects. Custom SLA terms and dedicated cluster instances are available for enterprise customers upon procurement.

Vulnerability Disclosure & Security Contact

We appreciate responsible disclosure of potential security vulnerabilities. If you discover a security issue, please contact our security response team directly at: