Trust & Security
Tasklet is built from the ground up to securely handle your most sensitive business data, integration credentials, and service connections.
Our team’s security expertise
Before Tasklet, our engineering team built high-security, high-reliability data systems at Google Cloud. We have deep experience building and operating cloud products that handle mission-critical business data.
CASA Tier 2 certified
Tasklet has been reviewed by third-party security auditors to ensure we comply with strict security requirements. We undergo an annual security audit to maintain this certification. Learn more about CASA (Cloud Application Security Assessment).
How Tasklet protects your data
Secure infrastructure
- All data is stored in Google Cloud’s highly secure & compliant data centers
- Data is encrypted at rest using AES-256 and encrypted in transit using TLS 1.2+
- We employ a “defense in depth” philosophy where every system is protected by multiple layers of security
Isolated execution environments
Every Tasklet agent runs in its own isolated sandbox environment. Your code, data, and credentials are never accessible to other users.
Your data stays yours
- We never sell your data
- Your data is never used to train third-party AI models
- Customer data is only provided to sub-processors as necessary to deliver our service
- Your conversation data is only accessed by the Tasklet team with your permission, which you can revoke at any time from settings
Credential security
API keys and credentials you share with Tasklet for Direct API connections are stored in an encrypted credential vault with strict access controls.
Internal access controls
Access to customer data by Tasklet team members is tightly controlled through a centralized admin dashboard. No customer data is ever accessed by an employee without explicit customer permission.
Sub-processors
We keep both the sub-processors we use and the data we send to them to an absolute minimum. Currently we only use:
| Sub-processor | Purpose |
|---|---|
| Anthropic | AI model provider |
| Google Cloud Platform | Infrastructure & AI services |
| Blaxel | Agent infrastructure |
Compliance
| Standard | Status |
|---|---|
| CASA Tier 2 | ✅ Certified |
| SOC 2 Type II | 🔄 In progress |
| GDPR | 🔄 In progress |
If your organization has specific compliance requirements, please contact us at sales@tasklet.ai.
Vulnerability disclosure
At Tasklet, we believe that great products require stellar security. No software is perfect and sometimes vulnerabilities happen. We believe working with security researchers is essential in keeping our software secure. If you have found a vulnerability in our software, we encourage you to report it to us so we can work with you to resolve the issue.
Disclosure policy:
- We will make a reasonable effort to fix the vulnerability as soon as you have notified us about the vulnerability.
- We ask you do not disclose the vulnerability to third-parties or the public until we have had a reasonable time to fix the issue.
- Only use accounts you own or for which you have explicit permission from the owner to use.
- We ask you make a good faith effort to avoid privacy violations, degradation of service, or loss of data.
- Bugs should be reported to security@tasklet.ai. Bug bounties may be available for reports at our sole discretion.
Exclusions: Denial-of-service attacks (DoS), spamming, social engineering of Tasklet employees, clients, or users, and exploits that involve any physical form of attack or damage.
We consider security research and activity performed in accordance to this policy as authorized.
Deleting your account & data
If you wish to permanently delete your account and all associated data, you can do so at any time through support settings. This action cannot be undone.
Privacy Policy & Terms of Service
For additional information about our privacy practices and terms of use, see our Privacy Policy and Terms of Service.