Security & Trust — Contour Skip to main content

Contour is purpose-built for system integrators. Learn more

Contour
Request a demo
Request a demo Free for consultants →

Security & Trust

Built for enterprise
trust requirements.

Contour is delivery infrastructure for SI firms working with sensitive client data. We take data security, privacy, and compliance seriously, and we make it easy to verify.

Contact

Security inquiries

To report a vulnerability, request our security documentation, or ask questions about our data handling practices, contact our security team directly. We respond to all security inquiries within one business day.

team@usecontour.ai
Data Protection

We don't train on your data

Your inputs and outputs are never fed into model training. Your content remains exclusively yours and plays no role in developing or refining any AI model.

Enterprise-grade infrastructure

Everything is processed and stored on Amazon Web Services' enterprise infrastructure, with AES-256 encryption protecting data at rest and TLS 1.2+ securing it in transit.

Zero data retention for AI processing

By default, upstream AI providers neither store nor log your inputs, and none of it is applied to model improvement.

Granular data governance

You stay in control of your data end to end — what gets uploaded, how long it's kept, and when it's removed. Configurable retention windows, permission controls, and deletion tools hand you complete lifecycle management.
Enterprise-grade controls

Encryption at every layer

Data is encrypted in transit and at rest using industry-standard protocols such as TLS 1.2 and AES-256.

Always available infrastructure

Contour operates on enterprise-grade, multi-region cloud infrastructure with continuous monitoring, redundancy, and proactive threat detection. The platform is engineered for consistent performance even as teams, projects, and data volumes grow.

Complete access control

Supports SSO and SCIM through Okta, Azure AD, and Google, along with granular role-based access controls and comprehensive audit visibility.
Compliance
Trust Center
Powered by Vanta
SOC 2 Type I
Completed. Available to prospective customers under NDA.
SOC 2 Type II
In progress. Available to prospective customers under NDA.
Data residency
Customer data stays in your chosen cloud region. No cross-region transfer.
Pentesting
We perform regular penetration tests, vulnerability assessments, and third-party security reviews.
Disclosure

Responsible disclosure

If you discover a security vulnerability in Contour's systems or products, please report it to team@usecontour.ai. We ask that you give us reasonable time to investigate and remediate before public disclosure.

We do not pursue legal action against researchers who report vulnerabilities in good faith and follow responsible disclosure practices.

Legal

Policies

Privacy Policy Terms of Service Request security documentation