Data Security Handling - Mollitiam AI
At Mollitiam Solutions, LLC, we understand that your IT Recovery Plans contain highly confidential and business-critical information. The security and privacy of your data are a top priority. Below we outline the safeguards and practices we use to protect your data throughout its lifecycle.
Secure Uploads
- Private Temporary Storage Buckets: Each audit submission is uploaded to a dedicated, access-controlled cloud storage bucket.
- CORS Expiration Policies: Our upload mechanism uses time-limited CORS settings to ensure short-lived, secure upload sessions.
- HTTPS/TLS Encryption: All uploads occur over encrypted HTTPS connections.
Cloud Infrastructure
- We use trusted, enterprise-grade cloud providers including AWS, Azure, Google Cloud, and Shopify.
- All infrastructure enforces encryption at rest and in transit, with hardened configurations and continuous monitoring.
- Audit data is processed using Weaviate Cloud for secure vector storage and LangGraph Cloud for AI orchestration—both hosted on SOC 2 and ISO 27001-compliant environments.
- Access to cloud resources is tightly restricted to only what is necessary for processing your audit.
Audit Processing Security
- Your document is accessed only by our automated AI processing systems.
- No human reviews your document unless specifically authorized for technical troubleshooting.
- All processing components are isolated in a controlled cloud environment with fault-tolerant architecture.
Data Retention & Purging
- Short-Term Retention: Uploaded files are retained only long enough to complete the audit.
- Automated Deletion: Once your audit is delivered, all uploaded files and temporary analysis artifacts are automatically deleted.
- No Persistent Storage: We do not retain a copy of your original documents beyond the completion of the audit.
Data Access Controls
- Internal access is limited using the principle of least privilege.
- All system activity is logged and monitored for security anomalies.
- Authentication is enforced for all backend components.
Customer Transparency
- You own your data. We only use it to deliver the purchased audit.
- You may request data deletion confirmation at any time by contacting support@mollitiamai.com.
Compliance Commitment
While we are not a regulated compliance auditor, we voluntarily follow best practices aligned with:
- NIST Cybersecurity Framework
- SOC 2-type operational controls
- General data protection principles for U.S.-based businesses
- GDPR-aligned privacy practices
- PCI DSS compliance via Shopify’s Level 1 certification
- CSA STAR Level 1 self-assessment (completed)
Our infrastructure partners—including Weaviate Cloud and LangGraph Cloud—inherit SOC 2, ISO 27001, and PCI DSS compliance from their hosting environments (AWS, Azure, GCP), allowing us to deliver secure, scalable audits with confidence.
For further questions about our data handling and security, please contact support@mollitiamai.com.