Is MBW SOC 2 certified?
MBW’s security program is aligned with the SOC 2 Trust Services Criteria and is currently undergoing an independent SOC 2 Type II attestation. Formal reporting is expected shortly.
Which SOC 2 Trust Services Criteria are addressed?
MBW’s program aligns with the Security, Availability, and Confidentiality criteria.
How is Customer Data protected?
Customer Data is protected through encryption in transit and at rest, role-based access controls, tenant-level logical isolation, monitoring, and secure operational practices.
Does MBW use Customer Data to train AI models?
No. MBW does not use Customer Data to train, fine-tune, or improve AI models unless the customer provides explicit written authorization. Only MBW’s curated public or licensed IP datasets are used for AI-assisted functionality.
Who owns Customer Data?
Customers retain full ownership of their Customer Data. MBW processes Customer Data solely to provide the Services and fulfill contractual obligations.
Does MBW sell Personal Data?
No. MBW does not sell Personal Data for monetary consideration.
Where is data processed?
MBW is headquartered in the United States. Data may be processed in the U.S. or other jurisdictions as necessary to deliver the Services, with appropriate safeguards in place.
How does MBW handle security incidents?
MBW maintains documented incident-response procedures aligned with industry best practices. Customers are notified in accordance with contractual obligations and applicable law.
Can customers request security documentation?
Yes. Enterprise customers may request relevant security documentation as part of procurement, due-diligence, or compliance reviews.