Security

Public security posture,without inflated claims.

What we can share publicly today about controls, review processes, and the current state of platform security.

Current posture

What we can say publicly right now

We are avoiding unsupported promises here and sticking to the controls and process areas that are visible from the product and current operating model.

Trust note

This is a posture page, not a certification page.

If your procurement process needs formal security evidence, do not treat marketing copy as proof.

We would rather be explicit about what is not published yet than imply completed controls that are not available for review.

Account and session controls

The product includes password authentication, email verification, password reset, and authenticated creator sessions with ongoing hardening work.

Authenticated admin surfaces

Creator areas cover team management, API keys, billing, support, and site administration behind account access.

Direct review process

Security questions, architecture reviews, and vendor questionnaires are handled directly with the team today rather than through a self-serve trust portal.

What is not publicly published yet

These are the areas we do not want buyers to infer or assume from vague trust language.

SOC 2 report

Not published

We are not claiming a public SOC 2 Type II report or audit letter is available from this page today.

Penetration test summary

Not published

No public penetration test summary, letter of attestation, or continuous monitoring statement is posted here yet.

DPA and data handling detail

Case by case

Retention, residency, and contractual data-handling details should be confirmed during evaluation instead of inferred from this page.

Reporting a security issue

For security-related reports and questions, email hello@mateflow.com or use the contact form below.

How to reach us

Email hello@mateflow.com or use the contact form.

Include reproduction steps, affected scope, and expected impact so we can route the issue quickly. For vulnerability reports, email hello@mateflow.com directly.

If you need a security conversation during procurement, use the same channel and mention that the request is for a security review.

Contact the team

Need a security review for your evaluation?

We can walk through the current product posture and clarify what is available today versus what is still being formalized.

Request security review

Security

Public security posture,without inflated claims.

What we can share publicly today about controls, review processes, and the current state of platform security.

Current posture

What we can say publicly right now

We are avoiding unsupported promises here and sticking to the controls and process areas that are visible from the product and current operating model.

Trust note

This is a posture page, not a certification page.

If your procurement process needs formal security evidence, do not treat marketing copy as proof.

We would rather be explicit about what is not published yet than imply completed controls that are not available for review.

Account and session controls

The product includes password authentication, email verification, password reset, and authenticated creator sessions with ongoing hardening work.

Authenticated admin surfaces

Creator areas cover team management, API keys, billing, support, and site administration behind account access.

Direct review process

Security questions, architecture reviews, and vendor questionnaires are handled directly with the team today rather than through a self-serve trust portal.

What is not publicly published yet

These are the areas we do not want buyers to infer or assume from vague trust language.

SOC 2 report

Not published

We are not claiming a public SOC 2 Type II report or audit letter is available from this page today.

Penetration test summary

Not published

No public penetration test summary, letter of attestation, or continuous monitoring statement is posted here yet.

DPA and data handling detail

Case by case

Retention, residency, and contractual data-handling details should be confirmed during evaluation instead of inferred from this page.

Reporting a security issue

For security-related reports and questions, email hello@mateflow.com or use the contact form below.

How to reach us

Email hello@mateflow.com or use the contact form.

Include reproduction steps, affected scope, and expected impact so we can route the issue quickly. For vulnerability reports, email hello@mateflow.com directly.

If you need a security conversation during procurement, use the same channel and mention that the request is for a security review.

Contact the team

Need a security review for your evaluation?

We can walk through the current product posture and clarify what is available today versus what is still being formalized.

Request security review