Skip to main content

Trust & Infrastructure

How We Protect Your Data

Valentino AI is built on Google Cloud infrastructure. Here is exactly how we protect your data — no buzzwords, just facts.

Encryption at Rest

All data stored in Google Cloud Firestore is encrypted with AES-256 automatically. This is managed by Google Cloud — we inherit their infrastructure security.

Encryption in Transit

All connections use TLS 1.3. Traffic between your browser and our servers, and between our servers and third-party APIs (Gemini, Perplexity, Apify) is encrypted.

Data Isolation

Firestore security rules enforce per-user data isolation. Users can only read and write their own data. Admin access is restricted to the platform owner.

Zero Data Training

We never use your business data, generated reports, or uploaded images to train AI models. Your proprietary information stays yours.

Server-Side Secrets

API keys for Gemini, OpenRouter, Apify, Apollo, and other services are stored server-side only. They are never exposed to the client browser.

Authentication

Firebase Authentication handles user auth with email verification, Google OAuth, and password reset flows. We never store raw passwords.

Infrastructure Providers

Our security posture is built on the compliance certifications of our infrastructure providers:

Google Cloud / Firebase

SOC 1/2/3, ISO 27001, HIPAA, FedRAMP

Vercel

SOC 2 Type II, ISO 27001, GDPR

Cloudflare (DNS/CDN)

SOC 2 Type II, ISO 27001, PCI DSS

Compliance & Privacy Posture

Where we stand today. We list status honestly — certifications-in-progress are flagged, not implied.

In progress

SOC 2 Type II

We inherit SOC 2 from Google Cloud and Vercel today. A direct Valentino AI audit is on the roadmap; reach out if you need our security questionnaire for procurement.

Active

GDPR & CCPA

Users in the EU and California can request data export or deletion from privacy@valentinoai.com. We do not sell personal data, and we honor opt-outs from training (see “Zero Data Training” above).

Active

Data Processing Agreement

DPA available on request for business customers. Email hello@valentinoai.com.

Future

HIPAA

Not currently in scope. Don’t upload PHI to Valentino AI today.

Last reviewed: May 2026

Reporting Security Issues

If you discover a security vulnerability, please report it responsibly to security@valentinoai.com (or hello@valentinoai.com). We take all reports seriously and will respond within 48 hours.