Security and Compliance

ChoicePilot is designed around operator trust, controlled automation, and auditable execution.

1. Core Security Controls

• TLS encryption for data in transit
• environment-based secret management
• OAuth-based least-privilege connector access
• role-aware workspace authorization
• structured recommendation/action audit records

2. Product Safety Model

• approval-first execution model by default
• draft/proposal artifacts for sensitive workflows
• policy controls for confidence thresholds and provider routing
• bounded execution windows and review context helpers

3. Operational Controls

• integration health lifecycle monitoring (healthy/warning/stale/expired)
• duplicate and stale account remediation workflows
• guided recovery and targeted execution diagnostics

4. Data Governance

• customer-controlled connector scope through OAuth permissions
• configurable retention and deletion pathways
• export and operational review surfaces in dashboard APIs

5. Vulnerability Reporting

Report security issues to security@choicepilot.online. Include reproduction steps, impact, and any proof-of-concept details.

6. Compliance Program

ChoicePilot maintains policies and controls to support privacy, security, and vendor review requirements across major connector ecosystems.

For contract terms and processing details, see Privacy Policy, Data Processing Addendum, and Terms of Service.