Trust Center
Centralized access to our legal terms, compliance documents, and security resources.
Quick links
- Privacy Policy: How we handle and protect personal data.
- Terms of Service: The legal agreement for using Harmony.
- Sub-processor List: Third-party vendors we use.
- System Status: Real-time uptime monitoring.
Request documentation
We understand that vendor reviews require detailed documentation. Our security team can provide the following packages upon request.
Email security@heyharmony.com to request:
| Document | Availability |
|---|---|
| SOC 2 Type II Report | 🔜 Certification in progress |
| ISO 27001 Certificate | 🔜 Certification in progress |
| Penetration Test Summary | Enterprise / NDA required |
| CAIQ / SIG Questionnaire | Enterprise |
| Data Processing Agreement (DPA) | All Plans |
| Business Associate Agreement (BAA) | Enterprise |
Frequently asked questions
Do you train AI on my data? No. We have strict zero-retention agreements with our AI providers. Your data is processed and then immediately discarded by the model provider.
Where is my data stored? By default, data is stored in the US (AWS/GCP). Enterprise customers can choose EU Data Residency to keep all data within European borders.
How do I report a security issue?
Please email security@heyharmony.com. We welcome responsible disclosure and will acknowledge receipt within 24 hours.
Can I run Harmony on my own servers? Yes. Our Enterprise plan supports Self-Hosted deployment for air-gapped or private cloud environments.