Your data, protected by design.
Zamino connects the most sensitive data your business has, so we built security into the foundation — encrypted credentials, permission-based access, isolated tenancy, and AI connections you fully control and audit.
How we protect your data.
Security isn’t a feature — it’s the foundation of everything we build.
Encrypted Credentials & Secrets
The tokens that connect your bank, accounting, and POS accounts are encrypted with AES-256 through Google Cloud KMS before they're stored. Application secrets live in Google Secret Manager — never in our source code.
Permission-Based Access
Access is permission-based and checked on every request. Beyond that, access to each connected data source is granted per-source — so your team sees exactly the sources you decide, and nothing more.
Isolated Per Business
Your data is scoped to your organization at every layer. The AI query path is further locked down with database row-level security, and an automated test suite continuously checks for cross-tenant leakage.
You Approve Every AI Connection
Connect ChatGPT or Claude over MCP and you approve each connection explicitly — revocable in one click. The assistant can only run read-only queries, only against the sources you've granted, and every query is recorded.
Audit Trail & Rate Limiting
Sign-ins, permission changes, and every AI data query are written to an audit trail. All API access is authenticated and rate-limited to resist abuse.
Hardened Cloud Infrastructure
Zamino runs on Google Cloud — SOC 1/2/3-certified data centers — with encrypted transport (TLS), hardened HTTP security headers, and fully parameterized database access to prevent injection.
You control your data. Always.
Your business data belongs to you. Our architecture is designed so you decide who — and which AI — can see it, and so you can pull the plug at any time.
- Connection tokens and credentials are encrypted with AES-256 (Google Cloud KMS) before they're stored.
- Your data is isolated to your organization and never commingled with other customers'.
- Disconnect any source and its imported data is purged.
- Every AI connection is read-only, scoped to the sources you grant, and fully audited.
- Zamino never trains AI models on your business data.
- All API access is authenticated, rate-limited, and logged.
Have security questions?
We’re happy to walk through our security architecture, our data practices, or how AI access controls work. Reach out at security@zamino.com.
Your data,
finally talking back.
Connect your first source in five minutes and ask your first question today. No card required.
No credit card · 5-minute setup · Cancel anytime