Trust

Security posture, plainly.

The honest pre-launch baseline. Encryption, isolation, the compliance roadmap, sub-processors, audit posture, and how to report a vulnerability.

Encryption + data handling

Data in transit: TLS 1.3 across every public surface (api.mails.ai, the dashboard, the marketing site). Data at rest: the primary database is Turso (libsql), encrypted at the infrastructure layer; outbound mail content held by AWS SES uses AWS-managed encryption with KMS. API keys and magic-link tokens are stored only as SHA-256 hashes, so even we cannot recover a lost key or token; you mint a new one. Customer-managed keys (BYOK) are on the roadmap for procurement-gated customers — not shipped today.

Tenant isolation

Per-customer data isolation at the workspace_id boundary. No shared tables, no cross-tenant queries. Per-agent reputation lives in a separate scope from per-account billing data; an inadvertent reputation query cannot leak billing or message content. Rate limits scoped per-key. The boundary is enforced at the route layer (every authenticated route runs through requireApiKey and a workspace check) and verified by a dedicated workspace-isolation stress suite that ships with the smoke tests.
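
The two mechanisms described above (digest-only storage of API keys, and a workspace check behind every authenticated route), shown as an added Node.js example that is not mails.ai's own code. Only the requireApiKey name, the workspace_id column and the stored key prefix come from this page; the mk_ key format, the in-memory tables and the mintApiKey, getMessage and isolationViolations helpers are hypothetical.

```javascript
// Added example, not mails.ai source. Only the requireApiKey name and the
// workspace_id column come from the page; everything else is assumed.
const { createHash, randomBytes } = require('node:crypto');

const sha256Hex = (s) => createHash('sha256').update(String(s), 'utf8').digest('hex');

// Constructed in-memory stand-ins for the database tables.
const apiKeys = new Map(); // SHA-256(key) hex -> { workspaceId, prefix }
const messages = [
  { id: 'm1', workspace_id: 'ws_a', subject: 'hello from A' },
  { id: 'm2', workspace_id: 'ws_b', subject: 'hello from B' },
];

// Mint a key: plaintext is returned once; only the digest and a short
// prefix (for audit rows) are stored. A fast unsalted hash is acceptable
// here only because the key is 256 bits of randomness, unlike a password.
function mintApiKey(workspaceId) {
  const key = 'mk_' + randomBytes(32).toString('hex'); // hypothetical format
  apiKeys.set(sha256Hex(key), { workspaceId, prefix: key.slice(0, 8) });
  return key;
}

// Resolve the caller's workspace from the presented key, or reject.
function requireApiKey(presented) {
  const row = apiKeys.get(sha256Hex(presented ?? ''));
  if (!row) throw Object.assign(new Error('invalid API key'), { status: 401 });
  return row;
}

// The workspace comes from the authenticated key, never from request input.
// A row in another workspace gets the same 404 as a row that does not exist.
function getMessage(apiKey, messageId) {
  const { workspaceId } = requireApiKey(apiKey);
  const msg = messages.find((m) => m.id === messageId && m.workspace_id === workspaceId);
  if (!msg) throw Object.assign(new Error('not found'), { status: 404 });
  return msg;
}

// Isolation check: each key tries every message id; any successful read of
// a row owned by a different workspace is reported as a violation.
function isolationViolations(keysByWorkspace) {
  const violations = [];
  for (const [ws, key] of Object.entries(keysByWorkspace)) {
    for (const m of messages) {
      try {
        if (getMessage(key, m.id).workspace_id !== ws) violations.push(`${ws} read ${m.id}`);
      } catch (e) { if (e.status !== 404) throw e; }
    }
  }
  return violations;
}
```

An empty array from isolationViolations means no key could read another workspace's rows; dropping the workspace_id comparison in getMessage makes it report both cross-tenant reads.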

Compliance posture (honest about what's done vs. roadmap)

Today: GDPR-aligned baseline (Article 28 sub-processor disclosure published, DPAs available on request during closed beta, Article 17 erasure via support during closed beta and self-serve at launch). SOC 2: Type I observation begins at Phase 1 launch; we do not have SOC 2 today. HIPAA: not in scope for Phase 1; a BAA path will be considered in Phase 3 if customer demand warrants. ISO 27001 is deferred — SOC 2 covers the same enterprise procurement question for our customer base.

Sub-processors

AWS (compute, storage, SES email send/receive — including AWS KMS for SES message-store encryption), Stripe (billing + payment processing only — no Identity / KYC product), Vercel (frontend hosting + CDN for the dashboard and marketing site), Turso (sqlite-edge primary database with at-rest encryption at the infrastructure layer), Cloudflare (DNS + edge protection), Anthropic (model inference for the classifier — inbound message body is sent transiently, not stored beyond inference), Better Stack (planned Phase 1, status-page + uptime monitor). Full list with regions, data categories, and added-dates at /sub-processors. Subscribe to /changelog for updates.

Audit + observability

Every API call writes an audit_log row with category (auth, billing, sends, agents, etc.), action, target resource, API-key prefix, IP, user-agent, and timestamp. Phase 1 ships in-app audit-log retrieval via /api/v1/logs (read-only, scoped to the requesting workspace). Long-term archival to S3 (90-day hot / 1-year cold) is on the Phase 2 roadmap — closed-beta retention is bounded by Turso DB size, not by policy yet.

Customer data exports + deletion

GDPR data-subject rights are first-class in design. Today (closed beta): erasure and access requests are handled manually via support@mails.ai within 30 days, with a cryptographic audit trail of every deletion. At launch: self-serve export for messages, events, agents, and audit logs from the dashboard. Bring-your-own-encryption-key (BYOK) is roadmap, not shipped — flag it in your DPA request if you need it for a procurement decision.

Vulnerability disclosure

Report security issues to security@mails.ai. We acknowledge within one business day and respond with a triage decision within five business days. No formal bug-bounty program during closed beta; credit + acknowledgment (with consent) for valid disclosures, and a hall-of-fame at /security/hall-of-fame post-launch. The threat model that scopes valid reports is at /security.

Get a DPA, ask a security question, or report a vulnerability

Email security@mails.ai for security issues, or support@mails.ai for DPA / procurement questions.

See also: /sub-processors · /security · /privacy · /terms.

Closed beta

Built for agents.
Self-serve at every volume.

Public API opens Q3 2026. Drop ~6 lines into your agent and ship.

$ npm install @mailsai/sdk
Packages publish with cohort 1 · Q3 2026