Security

How we protect the data you and your firm trust us with.

Encryption

Your data is encrypted in transit (HTTPS/TLS).

Hosting

Ampoly runs on Amazon Web Services (AWS). We rely on AWS's physical and infrastructure security for the underlying platform.

Tenant isolation

Every firm's data is isolated in its own tenant, so one firm's workspace does not have access to another firm's data.

Your data is portable

Your book stays yours. You can export your data at any time, in standard formats.

Access

Access to production systems is limited to the people who need it to operate the service, each with their own authenticated account.

Responsible disclosure

Found a vulnerability? We want to hear about it. Email security@ampoly.com and we will work with you to confirm and fix it. Please give us a reasonable chance to respond before any public disclosure.

What we do not claim

We do not hold formal certifications (such as SOC 2, ISO 27001, or HIPAA) today, and we will not claim ones we do not have. If your firm needs specific compliance documentation, email security@ampoly.com and we will tell you exactly where we stand.