Enterprise Trust Center

Security built for the
Enterprise Modern Sector

MarginPro is engineered on four core infrastructure pillars to protect your sensitive research data. Our architecture guarantees tenant isolation, absolute privacy from AI training, and uncompromising continuity.

🛡️

The "No-Training" Guarantee

Your proprietary research, strategic frameworks, and business logic are yours alone.

MarginPro explicitly guarantees that customer document content, saved annotations, and metadata are never ingested, analyzed, or utilized to train any generative AI models, machine learning algorithms, or telemetry engines. We process your data solely to return it back to your interface.

1. Zero Trust Identity Architecture

Identity is our perimeter. MarginPro relies strictly on Microsoft Entra ID for Single Sign-On (SSO). We never see, store, or handle your passwords, meaning your organization's MFA and conditional access policies automatically apply.

  • Least Privilege: We request only the minimum Graph API scope required to read/write the target document.
  • Tenant Isolation: Our backend utilizes strict Firebase Security Rules to validate every request globally, ensuring data cannot cross Microsoft Tenant boundaries under any circumstances.

2. Data Residency & Encryption

All data interactions occurring outside of Microsoft's Graph environment are routed through our hardened Google Cloud Platform (GCP) infrastructure.

  • Strict Data Residency: Our primary databases and compute functions are exclusively localized to US-Central (Iowa/Council Bluffs) to simplify compliance for domestic enterprise operations.
  • Encryption: Data is encrypted at rest using AES-256 standard algorithms, and all traffic in transit requires TLS 1.3.

3. Compliance & Vulnerability Management

We maintain transparency via stringent internal policies regarding system hygiene and audits.

  • SOC 2 Status: MarginPro's infrastructure is architected to SOC 2 Type II standards. An independent, formal audit is scheduled for late 2026.
  • Regulatory Alignment: Fully compliant with updated 2026 mandates including GDPR, modern CCPA expansions, and the EU AI Act (regarding algorithmic transparency).
  • Patch SLA: Critical vulnerabilities are triaged and patched within 48 hours of identification.

4. Incident Response & Continuity

We treat reliability as a security requirement.

  • Uptime SLA: MarginPro targets a 99.9% uptime commitment on all production deployments via GCP multi-zone failovers.
  • Disaster Recovery: Snapshot backups of critical configuration metadata are taken natively via automated Firebase routines.
  • Incident Notification: Validated security incidents affecting customer metadata are reported to impacted administrators within 48 hours of discovery.

Ready to start a pilot or need our full security questionnaire?

Contact Security Operations