Security & Compliance
Enterprise-grade security. Without the enterprise paperwork.
Kyrospect is built so that the data you trust us with stays exactly where it belongs — encrypted on capture, isolated by workspace, and visible only to you.
Encryption at every layer
AES-256 at rest in dedicated single-tenant workspaces. TLS 1.3 minimum in transit. Activity payloads encrypted on the employee device before they ever leave.
Smart Privacy Blur — on-device
Sensitive screen content (passwords, banking, private chats) is detected and blurred locally before screenshot capture. The redacted content is never transmitted or stored.
Workspace isolation
Every customer gets cryptographically isolated storage. No shared multi-tenant pool. Cross-workspace access is architecturally impossible — not just disabled.
Granular access control
Owner → Manager → User hierarchy with per-role, per-team, per-project policy controls. Every administrative action is logged and exportable.
Auditability by default
Workspace owners can pull a full activity log of policy changes, exports, and access events. Built for SOC 2 / ISO 27001 audit readiness.
Global compliance posture
GDPR (EU/UK), India DPDP 2023, US CCPA/CPRA, Australia Privacy Act, UAE PDPL. A Data Processing Agreement is available on request.
Compliance
Frameworks we map to
Found a security issue?
We treat coordinated disclosure as a partnership. Email security@kyrospect.com with reproduction details. We acknowledge within 24 hours and will keep you in the loop until resolution. Hall-of-fame credit available on request.
PGP key fingerprint available on request. Please do not test against production data of other customers.
Frequently Asked
Security & compliance Q&A
A SOC 2 Type II audit is in progress. Kyrospect is built against SOC 2 Trust Services Criteria today (security, availability, processing integrity, confidentiality, privacy) and a current readiness summary is available to enterprise prospects under NDA.
Activity data is encrypted with AES-256 on the employee device before it leaves. It travels via TLS 1.3 and is stored encrypted at rest in a dedicated, single-tenant workspace. Screenshots have on-device Smart Privacy Blur applied before capture.
No. The architecture is designed so workspace data is accessible only to authorised administrators within that workspace. Support access requires explicit, logged customer authorisation.
Yes — purpose limitation, consent management, data minimisation, defined retention windows, and the right of every employee to view their own data are built into the product. A bilingual (English / Hindi) employee notice template is provided to customers.
Yes. Kyrospect honours consumer rights to know, delete, correct, and limit use of sensitive data. We do not sell personal information and do not use Customer Data for advertising.
All sub-processors operate under Data Processing Agreements with equivalent confidentiality and security obligations. The current sub-processor list is provided to customers under their DPA — material additions trigger 30-day advance notice.
Customers are notified of any confirmed incident affecting their data within 72 hours, including scope, root cause, remediation, and prevention steps. Detailed runbook available under NDA.
Need to share with your security team?
We'll send a security overview deck, sample DPA, sub-processor list, and SOC 2 readiness summary under NDA.