Beleav
Beleav Library
HubBlogStoriesTemplatesAcademyHelpDocsCommunityAboutCareersTrustPressContact
Trust at Beleav

Built for the businesses that can't afford a leak.

Clinics, brokerages, and software companies trust Beleav with messages, schedules, and customer data. We earn that — through audited controls, transparent operations, and the kind of plain-English security policy you can actually read.

Request SOC 2 report View Trust Center
Live status
All systems normal
99.99%
90-day uptime, blended across regions
United Statesus-east
99.998%
European Unioneu-fr
99.997%
Asia-Pacificap-sg
99.999%
Audits & attestations

The certifications. The real ones.

2025

SOC 2 Type II

Independently audited annually by A-LIGN. Continuous monitoring across all controls.

2025

HIPAA BAA

Available on Scale and Enterprise. Covered for clinics, dental, and care providers.

2025

GDPR / DPA

Standard contractual clauses, EU data residency, and a right-to-erase API.

2025

ISO 27001

Information security management system certified across product and infra.

2025

PCI DSS

Card data tokenized via Stripe. We never store PANs. Scope contained.

2025

CCPA / CPRA

Verified consumer rights workflow. Opt-outs respected across all surfaces.

How we keep your data safe

Four pillars. Plainly explained.

Data protection

  • AES-256 at rest, TLS 1.3 in transit
  • Customer-managed keys (BYOK) on Enterprise
  • Hourly encrypted backups, 30-day retention

Access controls

  • SSO (SAML, OIDC), SCIM provisioning
  • Role-based permissions down to the field
  • Time-bound, just-in-time admin access

Monitoring & audit

  • Tamper-evident audit log streamed to your SIEM
  • Anomaly detection on every assistant action
  • Forensic-grade event store, 7-year retention

Incident response

  • On-call rotation, 24/7/365
  • 60-minute customer notification SLA
  • Public, blameless post-mortems within 5 days
Sub-processors

Who we trust, who you should know about.

Provider
Purpose
Region
  • Amazon Web Services
    Compute, storage, networking
    US, EU, APAC
  • Cloudflare
    Edge, WAF, DDoS protection
    Global
  • Stripe
    Payments processing
    Global
  • Twilio
    SMS / voice transport
    Global
  • Postmark
    Transactional email
    US, EU
  • Datadog
    Observability + telemetry
    US, EU

Found a security issue?

We pay bounties and we don't play games. Email security@beleav.com with details. We respond within four hours, every hour of every day.

Disclosure policy

Need our paperwork for procurement?

SOC 2 Type II report, ISO 27001 cert, DPA, and security questionnaire — all available under NDA via the Trust Center, no sales call required.

Open Trust Center
On security and trust

The same controls Fortune 500s require — out of the box for every plan.

Talk to securityView status page