Security and privacy are foundational to everything we build.
At MBW, security and privacy are not afterthoughts or marketing claims. They are embedded into our product architecture, operational processes, and company culture. From day one, we have designed our platform to meet the expectations of enterprise, legal, and regulated-industry customers—while respecting customer data ownership and privacy by design.
SOC 2–Aligned Security Program
MBW operates under a comprehensive security program aligned with the SOC 2 Trust Services Criteria, including Security, Availability, and Confidentiality. Our controls span governance, technical safeguards, and continuous monitoring to protect customer data, platform integrity, and system availability.
Our security program is undergoing an independent SOC 2 Type II attestation, with formal reporting expected shortly.
Security Controls & Practices
Governance, Access & Accountability
MBW maintains formal security policies governing access management, change management, incident response, vendor risk management, and employee security training. Access to systems and data is role-based, least-privilege, and reviewed regularly.
Data Encryption & Protection
Data is protected using industry-standard safeguards, including encryption in transit and at rest, secure key management, and controlled access mechanisms to ensure that only authorized users may access data.
Customer Data Isolation
Customer Data processed within the OmnisIQ™ Products is logically isolated by tenant. Customer environments are siloed to prevent commingling, cross-customer visibility, or unauthorized access.
MBW does not use Customer Data—including documents, uploads, prompts, outputs, or query histories—to train, fine-tune, or improve AI models unless explicitly authorized in writing by the customer.
Secure Infrastructure & Monitoring
Our infrastructure follows security-by-default principles, including environment segmentation, centralized logging, monitoring, and alerting for anomalous activity. Controls are continuously evaluated and improved as the platform evolves.
Independent Review & Continuous Improvement
As part of our SOC 2 attestation process, security controls are independently evaluated through evidence review and control testing. We conduct ongoing risk assessments and remediation to strengthen our security posture over time.
Privacy-First by Design
MBW’s handling of Personal Data is governed by our Privacy Policy. Customer Data is processed solely on behalf of customers under applicable customer agreements. MBW acts as an independent controller only for limited operational purposes such as account administration, website analytics, marketing communications, and compliance.
Customer Data remains the property of the customer and is never shared between customers.
Transparency & Accountability
We believe trust is earned through transparency, consistency, and independent validation. Our security and privacy programs are designed to scale with our customers’ needs and support rigorous enterprise due-diligence requirements.
For security or privacy inquiries, please contact:
security@mbwtek.com | privacy@mbwtek.com