Security answers,
clearly.
Procurement negotiations include sensitive pricing, terms, and internal constraints. This page summarizes how Negotiations.AI approaches security and what to expect in a security review.
Compliance & privacy
A clear snapshot of our current posture and what’s in progress for enterprise security reviews.
SOC 2 Type I
Negotiations.AI is SOC 2 Type I compliant. Supporting documentation is available via the Trust Center and during your security review (NDA-friendly).
ISO/IEC 27001
ISO/IEC 27001 work is in progress as we mature our information security management system (ISMS) and map controls to procurement-grade workflows and data handling.
GDPR
GDPR work is in progress. We support data deletion and can share DPA and subprocessor details during your security review.
At a glance
The most common questions we get from security, legal, and procurement leadership.
Access controls and governance
Workspaces are organization-scoped with role-based access and audit-friendly workflows (approvals, audit log, and retention policies).
Private content is not for training
We do not use your private negotiation content to train public models.
Security review ready
We support security questionnaires and share architecture and processing details during your review (NDA-friendly).
You control your data lifecycle
You can delete your data at any time. We can also align retention to your governance requirements.
What your security team cares about
Your team needs to know where sensitive files go, who can access them, and how AI processing is controlled.
Security review checklist
- Data flow (ingest → processing → outputs → retention/deletion)
- Subprocessors and model provider handling (NDA-friendly)
- Access control model (RBAC, org isolation, SSO/SAML for enterprise)
- Auditability (approval trails, audit logs, retention policies)
Security FAQ
Need a fast security review?
Send your questionnaire or required controls list and we’ll respond with documentation and a walkthrough.