SpikedAI Trust & Security
SpikedAI is committed to protecting your revenue data. We build on enterprise-grade infrastructure and follow conservative data security principles to ensure your information remains yours.
Global, redundant, isolated.
Spiked is built on world-class, multi-region cloud infrastructure. Designed for high availability, logical isolation, and rapid scalability.
Google Cloud Platform (GCP)
Primary workloads hosted in US-Central1 (Iowa) on Cloud Run, with isolated VPC networking and GCP's global perimeter defense.
Supabase Pro
Database and auth layers managed by Supabase — enterprise-grade JWT auth and high-concurrency database clusters.
Automated Backups
Point-in-time recovery and daily database backups with 7-day retention across all production environments.
Quick Facts
- Hosting LocationUS-Central1 (GCP)
- Auth MethodJWT / Supabase Auth
- Data RedundancyMulti-Zone
- Encryption MethodAES-256 / TLS 1.2+
- Uptime Targeting99.9%
Encryption & isolation by default.
Rigorous data protection controls ensure personal information and meeting data are encrypted and isolated.
Encryption
All customer data is encrypted in transit over public networks using TLS 1.2+ protocols. Data at rest is encrypted using provider-managed AES-256 keys on Google Cloud Storage and Supabase (PostgreSQL).
- FIPS 140-2 compliant hardware
- Perfect Forward Secrecy
Multi-Tenant Isolation
Spiked uses logical isolation to ensure your data is siloed. Every database record is scoped to your organization ID, with strict Row-Level Security (RLS) enforcement at the infrastructure layer.
- No cross-tenant data leakage
- Tenant-scoped Bearer JWTs
Clear boundaries on AI.
We are committed to a transparent AI policy. Spiked leverages best-in-class generative models while maintaining strict boundaries on data usage.
"Spiked does NOT use customer data to train foundation models without explicit authorization."
Subprocessor Vetting
We partner with foundational providers including Stripe and Google. All AI subprocessors are vetted for security and privacy commitments.
Grounding & RAG
Source-grounded retrieval-augmented generation based strictly on your organization's context — reducing hallucination and ensuring accuracy.
Human-in-the-Loop
All AI-generated signals and transcripts are designed for human review and verification before being committed to your CRM.
Data Processing Agreement
Spiked provides a standard DPA, including Standard Contractual Clauses (SCCs), to ensure your data is protected across jurisdictions.
- GDPR Article 28 Compliance
- Data Breach Notification
- International Transfer Safeguards
Need a technical review?
Have specific security requirements or need a technical review? Our team is available directly.