Trust, on the record
A single index of the security, governance, data-handling, and legal records Threada keeps. Each entry below links to the canonical page that owns it — this page does not restate the detail, it points to where it lives.
Records and receipts
What we publish, and where the detail is kept.
- SEC-01 Security overview How intake, policy-driven automation, and execution are governed and kept auditable.
- SEC-02 Data, isolation, and SLA Threat modeling, tenant isolation, configurable retention, audit logging, and performance SLAs.
- SEC-03 Identity and SSO Per-tenant OIDC or SAML, role mapping, and access aligned to enterprise identity policy.
- GOV-01 Policy, retention, and governance What is allowed, how long artifacts are kept, and how exceptions are reviewed.
- LEG-01 Data Processing Agreement The processing terms that may supplement the Terms for personal data of data subjects.
- LEG-02 Subprocessors The third parties engaged to help provide the Service, with their roles.
- LEG-03 Privacy Policy What personal data we handle, why, and the choices available to you.
- OPS-01 System status Current operational state and uptime for the Service.
We do not train foundation models with Customer Content.
You retain ownership of Customer Content. We process it under a limited license only to provide and improve the Service.
Read the Terms SEC-CONTACT Report a security issue
Security contact security@threada.ai Found a vulnerability or have a security concern? Email the team and we will respond. There is no public bug-bounty program at this time.
Please include enough detail to reproduce the issue. Do not include real customer data.
Need something not listed here?
Talk to the team about governance, contracts, or a specific control.