Security at Boxsy
Last Updated: February 2026
Boxsy is committed to protecting customer data.
1. Infrastructure
- Hosted on reputable cloud infrastructure providers
- Data encrypted in transit (HTTPS/TLS)
- Access-controlled production environments
2. Access Controls
- Role-based access controls
- Limited employee access to production systems
- Authentication safeguards
3. Data Handling
- Logical separation of customer environments
- Secure API integrations
- Encrypted data transfer
4. Vendor Management
We use vetted third-party providers for:
- Cloud hosting
- Payment processing
- Analytics
- AI model infrastructure
We review vendor security practices where appropriate.
5. Monitoring & Incident Response
- Logging and monitoring of system activity
- Security event review
- Incident response procedures
If a material data breach occurs, we will notify affected customers in accordance with applicable law.
6. AI Security
- Prompts processed securely
- No public model training using customer data
- Usage monitoring for abuse prevention
7. Customer Responsibilities
Customers are responsible for:
- Protecting login credentials
- Managing internal access permissions
- Reviewing AI outputs before use
Report a Security Issue
If you discover a security vulnerability, please email us at security@boxsy.io instead of opening a public issue. We appreciate responsible disclosure and will work with you to resolve any concerns.