Security at Decide

• All connections use TLS 1.2+ to ensure data is securely transmitted.
• Files and databases are encrypted using AES-256 standards.
• Hashed and salted with bcrypt.
• All external integrations use OAuth 2.0 and Google-approved scopes.

• Internal access follows the principle of least privilege.
• All admin and engineering accounts use multi-factor authentication.
• Access logs and permissions are regularly reviewed.
• We never share user data with third parties without explicit consent.

We rely on trusted, compliant partners to deliver reliable performance and uptime. All subprocessors maintain their own SOC 2 and GDPR compliance and meet modern security benchmarks.

• DigitalOcean – infrastructure hosting
• Google Gemini – AI model processing
• Grok – model inference support
• E2B – secure code execution sandbox
• MongoDB Atlas – managed database service
• Redis – in-memory caching

• You control your data and can export or delete it anytime.
• We do not sell, rent, or trade your data.
• Data is only processed to help you analyze and visualize it.
• We follow GDPR principles of transparency, data minimization, and user control.

• We adhere to industry best practices and are actively pursuing SOC 2 and GDPR compliance to strengthen our controls and audit capabilities.
• Our focus is on continuous improvement.

If you discover a potential security issue, we would love to hear from you.

• Email us at [email protected] and we will investigate all reports promptly and responsibly.

Transparency and Trust

Decide is built with the same care we expect from the tools we use daily. We value your trust and continuously improve our systems to maintain the highest level of data integrity and protection.