Trust Center

We'll show you how
this actually works.

Security architecture, policies, and commitments — collected in one place. No vague statements. Real specifics.

All systems operational
🔒

Security

Multi-tenant isolation, RBAC, authentication hardening, audit trail, and infrastructure details. The full technical picture.

✓ Live Read security docs →
🛡

Privacy Policy

What data we collect, how we use it, who we share it with, and how long we keep it. Plain language, not legalese.

✓ Live Read privacy policy →
📄

Terms of Service

The legal agreement that governs use of HatchOS. Covers service availability, liability, IP, and termination.

✓ Live Read terms →
📋

Changelog

Every release, feature, and fix documented in a public changelog. We ship fast and we document what we ship.

✓ Live · Updated regularly See what's new →
📊

Platform Metrics

Live platform-wide stats: loads dispatched, carriers onboarded, revenue moved, and AI employee activity. Updated every 15 minutes.

✓ Live · Updated every 15 min View transparency numbers →
📡

System Status

Public uptime dashboard for API availability, database health, and historical incident reports.

⏳ Coming soon Status page in progress →
📧

Report a Vulnerability

Found something? Email security@hatchos.com. We respond within 2 business days and won't pursue legal action against good-faith reporters.

Opens email Contact security team →

📋 Recently shipped

See full changelog →
Loading…
By the numbers

What isolation actually means

Not "we use multi-tenancy" — but what that means in code, at the database layer.

153
Tables with tenant_id enforcement at the query layer
6
RBAC tiers, enforced server-side on every request
0
Cross-tenant data boundaries. None. Logged God Mode actions are the only exception.
72h
Maximum time to notify affected tenants after a confirmed breach
30d
Database backup retention (daily snapshots with PITR)
7d
Maximum time to fulfil a data export request
Our commitments

What we promise, in writing

🔒
Your data is never shared with other tenants
153 tables with mandatory tenant_id filtering. No API endpoint returns data across tenant boundaries.
Enforced
📤
You can export all your data, any time
Full CSV/JSON export within 7 business days of a written request. No lock-in, no format restrictions.
Live
🗑
Data deleted within 30 days of account termination
Production deletion is permanent. Anonymized aggregate metrics (no PII) may be retained.
Policy
72-hour breach notification
If an incident affects your data, you're notified within 72 hours of our internal confirmation — with specifics, not vague language.
Committed
📋
All privileged actions are logged
Role changes, impersonation, data exports, payment updates — every action leaves an immutable audit record with actor, timestamp, and IP.
Enforced
🚀
Public changelog for every meaningful change
We document what we ship. New features, fixes, and security updates all appear in the public changelog.
Live

Ready to run your brokerage on HatchOS?

Start a 30-day free trial. No credit card required.

Start free trial Book a demo → Full security docs →

Related Resources

Security ModelDetailed technical security overview PricingPer-seat plans from $199/mo HTG Case StudyHatchOS in production at a real brokerage Security PDFDownload the security whitepaper AI Employee DemosSee the platform in action