Vosu.ai Logo

Security Policy for vosu.ai

Last Updated: May 19, 2025

At vosu.ai ("we," "us," or "our"), we take the security of our platform and your data very seriously. This Security Policy outlines the measures we implement to protect our systems, your account, and the content you create and process using our AI video and image generation services (the "Service").

1. Data Protection

  • Encryption: We use industry-standard encryption protocols (such as TLS/SSL) to protect data transmitted between you and our Service. Data at rest (stored on our servers or databases) is also encrypted where appropriate.
  • Access Control: Access to user data, including Input Data and Generated Content, is strictly limited to authorized personnel who require access for specific operational purposes (e.g., customer support, system maintenance). We implement role-based access controls.
  • Data Minimization: We strive to collect and retain only the data necessary to provide the Service, as outlined in our Privacy Policy.
  • Vendor Security: We carefully vet third-party service providers, including Amazon Web Services (AWS) for cloud hosting and payment processors, and ensure they meet high security standards.

2. Infrastructure Security

  • Cloud Security: Our Service is hosted on Amazon Web Services (AWS), a leading cloud infrastructure provider that offers robust physical and network security measures, including 24/7 monitoring, access controls, and compliance with major security certifications (such as ISO 27001, SOC 2, and more).
  • Monitoring: We employ monitoring tools to detect and alert us to suspicious activities, potential vulnerabilities, and system performance issues.
  • Patch Management: We maintain a process for regularly patching and updating our systems and software to protect against known vulnerabilities.
  • Firewalls and Network Security: We utilize firewalls and other network security technologies to prevent unauthorized access to our systems.

3. Account Security

  • Password Security: We require strong passwords and store password credentials securely using hashing techniques. We encourage users to use unique, complex passwords.
  • Authentication: We implement secure authentication mechanisms to verify user identity.
  • User Responsibility: You are responsible for maintaining the confidentiality of your account credentials. Notify us immediately if you suspect unauthorized access to your account.

4. Incident Response

In the event of a security breach or incident, we have procedures in place to:

  • Promptly investigate the incident.
  • Take steps to contain and mitigate the impact.
  • Notify affected users and relevant authorities as required by law.
  • Analyze the cause and implement measures to prevent recurrence.

5. Responsible Disclosure

We value the security community. If you believe you have discovered a security vulnerability in our Service, please report it to us responsibly so we can investigate and address it.

  • How to Report: Please contact us directly at [email protected] with details of the potential vulnerability.
  • Our Commitment: We will acknowledge receipt of your report, investigate promptly, and keep you informed of our progress (where appropriate). We ask that you do not publicly disclose the vulnerability until we have had a reasonable time to address it.

6. Continuous Improvement

Security is an ongoing process. We continuously review and update our security practices, technologies, and policies to adapt to the evolving threat landscape.

7. Contact Us

If you have questions about our security practices, please contact us at [email protected].