Book a Demo
Login
Login
SECURITY

Your CFO Will Ask About Security.
Here Are the Answers.

SOC 2 compliance in progress. AES-256 encryption. Explainable AI audit trails. 100% data ownership. Every optimization decision documented and auditable. Built for brands that need enterprise-grade security with autonomous marketing execution.
Request Security Documentation Security Details

  • AES-256 Encryption. Zero Unencrypted Data.

    1. DATA PROTECTION

    All data encrypted at rest (AES-256) and in transit (TLS 1.3). Ad account credentials stored in hardware security modules. Database backups encrypted. PII pseudonymized where possible. No unencrypted data leaves our infrastructure.

  • Every Decision Documented. Every Dollar Tracked.

    2. FULL AUDIT TRAIL

    Not "we optimized your campaigns." Instead: "CPA on Meta ad set 3 rose 18% at 2:14 AM due to audience saturation signal. Shifted $2,400 to Google Search where CPA was 31% lower." Your compliance team can audit any decision at any time.

  • 100% Data Ownership. Zero Lock-In.

    3. YOU OWN EVERYTHING

    All ad accounts, campaign data, audience segments, and creative assets belong to you. Minora operates within your accounts via OAuth (no passwords stored). Cancel anytime. Everything stays with you. No data hostage situations.

Security Infrastructure

COMPLIANCE

Certifications and Standards

  • SOC 2 Type II (in progress)

    Following SOC 2 security principles: access controls, encryption, change management, incident response.

  • GDPR and CCPA compliant (IN PROGRESS)

    Data minimization, right to erasure, data portability, and processing agreements for all clients.

  • Data Processing Addendum

    Enterprise DPA available covering data handling, processing purposes, retention, and deletion procedures.

  • Vulnerability disclosure program

    Responsible disclosure for security researchers. 24-hour response SLA for reported vulnerabilities.
INFRASTRUCTURE

Technical Security Controls

  • AES-256 encryption at rest

    All stored data encrypted with industry-standard AES-256 encryption.

  • TLS 1.3 in transit

    All data transfer encrypted with TLS 1.3. No unencrypted connections permitted.

  • OAuth-based access

    No password storage. API-based access to ad platforms via OAuth. Revocable by you at any time.

  • HSM credential storage

    Sensitive credentials stored in hardware security modules, not in application databases.

Agencies Hold Your Data Hostage. Minora Gives You the Keys.

  • THE PROBLEM

    Your agency owns the ad accounts. Your pixel data lives in their dashboard. Your audience segments are built on their platform. Leaving means losing years of campaign learning and starting from scratch.

  • HOW MINORA HELPS

    You own 100% of everything: ad accounts, pixel data, audience segments, creative assets, and campaign history. Minora operates within your infrastructure. Cancel anytime. Walk away with every data point intact.

  • METRIC

    0 exit fees. 0 lock-in contracts. 100% data portability. 30-day data purge after cancellation.

Black Box AI is Unacceptable. Every Decision Must Be Explainable.

  • THE PROBLEM

    Most AI marketing tools are black boxes: they optimize, but you do not know why. When the CFO asks "why did we spend $12,000 on TikTok last Tuesday?" nobody can answer.

  • HOW MINORA HELPS

    Explainable AI: every bid adjustment, budget shift, and creative rotation logged with the data signal that triggered it and the measured outcome. Your CFO can trace any dollar from decision to result.

  • METRIC

    100% of optimization decisions documented with data triggers. Full audit trail accessible in real time. CFO-ready at any moment.

Frequently Asked Questions

  • Question:
    Is Minora AI SOC 2 compliant?
    Answer:
    SOC 2 Type II compliance is in progress. We follow SOC 2 security principles across all systems. Completion timeline available during sales conversations.
  • Question:
    How does Minora handle data encryption?
    Answer:
    AES-256 at rest, TLS 1.3 in transit. Credentials in HSMs. Backups encrypted. No unencrypted data leaves our infrastructure.
  • Question:
    Who owns the data?
    Answer:
    You do. 100%. All accounts, data, segments, and assets belong to you. We do not retain, resell, or use your data for other clients.
  • Question:
    Can my team audit decisions?
    Answer:
    Yes. Every decision logged with data signal, action taken, and outcome. Full audit trail accessible through your dashboard at any time.
  • Question:
    Does Minora have my ad account passwords?
    Answer:
    No. OAuth-based API integrations. No passwords stored. Access revocable by you through platform native settings.
  • Question:
    How is PII handled?
    Answer:
    Data minimization. PII pseudonymized where possible. GDPR and CCPA compliant. DPA available for enterprise clients.
  • Question:
    What happens to data if I cancel?
    Answer:
    Your data stays in your ad accounts. Processing data purged within 30 days. Final export of reports and analytics provided before closure.
  • Question:
    Is there a vulnerability reporting program?
    Answer:
    Yes. Responsible disclosure program with 24-hour response SLA for reported vulnerabilities.

Enterprise Security. Autonomous Execution.

Request our security documentation and compliance details.
Request Security Docs Security Details