Trust & Security
Standalone by design. Safe by default.
Proofpoints turns your customers' own words into published stories. We built it to be trusted by the most security-conscious organisations in the world – which starts with a simple architectural choice: we never connect to your systems.
There is no integration with your CRM, your sales pipeline, your financial systems, your identity provider or your internal network. There is nothing to plug in. The only things that reach us are the story content your advocates choose to share and the specific contacts you choose to invite to a campaign – never a connection into the systems where your sensitive data lives.
The trust boundary
What crosses the line – and what never does
Everything to the left is what a story needs. Everything to the right stays inside your walls, always. We are a contained, single-purpose service with a deliberately narrow surface.
Comes in
· Interview transcript
· Story content & edits
· Advocate name & role
· Campaign contacts you upload (name, role, business email)
· Company name & public details
The Proofpoints boundary
Encrypted. EU-hosted. Isolated per organisation. Processed only to produce your story.
› Database & audit log (EU)
› Encrypted file storage
› AI models (never trained on your data)
› Transcription
Never crosses
✕ Your CRM
✕ Sales & pipeline data
✕ Financial systems
✕ Identity provider / SSO directory
✕ Internal networks
✕ Your customer or employee databases
We touch none of your systems and ingest none of your bulk operational data. What we hold is limited to the story content and the specific campaign contacts you give us – a deliberately small, well-defined footprint.
Data scope
Only what a story needs
What we hold
The interview transcript and the story as it is written and edited; the advocate's name and role; the customer company's public details; and, for a campaign, the contacts you choose to invite – their name, role and business email. That is the whole footprint.
How we handle contact data
These are the specific people you intend to feature in a story – a small, nominated set of prospective advocates, not a bulk mailing list. We act as your data processor: their details are used only to invite them and gather their story, never sold, never shared, and never used to train AI. Handled under GDPR, covered by our DPA, and deleted on request.
Consent for what's published
Recording consent and a formal approval step are built into the workflow. The advocate reviews and signs off before their story is published – you are never publishing something no one agreed to.
Where it lives
Hosting, residency & sub-processors
Proofpoints runs on modern, independently-certified infrastructure (SOC 2 / ISO 27001 at the platform level), with data hosted in the EU. Every sub-processor is listed below – transparency here is standard, and we keep it current.
For US and other non-EU clients:EU hosting meets the strictest data-protection standard, so your data is protected to the highest bar – being more protective is a plus, not a constraint, and standard mechanisms cover any cross-border transfer. If your organisation requires a specific hosting region, talk to us.
AI & your data
Your words are never training data
We never train on your content
Proofpoints does not use your stories, transcripts or data to train any model – ever.
Neither do our model providers
AI runs through providers whose API terms prohibit training on submitted data and support short or zero retention. For enterprise engagements we route only to these providers.
Human-owned, always
AI drafts; people decide. Every story is reviewed and approved by a person before it is published. Nothing is auto-published from a model.
Where AI is used, exactly
Full transparency on every task that touches a model, what it does, and what data it sees. In every case the data is that tenant's own, and a person reviews the result.
Admins choose which AI models are used and can tailor the instructions behind each task. Every output is editable, and a person reviews and approves every story before it is published.
Controls
How we protect it, day to day
Tenant isolation
Every organisation's data is walled off. Cross-tenant requests return 'not found' – never another client's data, and never a hint that it exists.
Role-based access
Viewer, member, admin and owner roles gate every action. Reads, writes and deletes each require the appropriate role, enforced on the server for every request.
Encryption everywhere
All data is encrypted in transit (TLS) and at rest by default across our database, file storage and backups.
Audit logging
Every create, update and delete is recorded with the user, action, resource, IP and timestamp, retained for a minimum of two years.
Least privilege
Administrative keys are server-side only and never exposed to the browser. Webhooks are signature-verified before any processing.
Hardened by default
Security response headers, strict input validation on every request, and internal database errors are never surfaced to clients.
Compliance
Where we are, plainly
The platform is built to SOC 2 controls – tenant isolation, least privilege, encryption, audit logging and change management are engineered in, not bolted on. A formal SOC 2 examination and independent penetration test are on our roadmap; we are happy to share current status, evidence and timelines under NDA. We support GDPR obligations, EU data residency, and a Data Processing Agreement with an explicit no-AI-training clause.
We would rather tell you exactly where we are than imply a badge we haven't earned yet. If a certification is a gate for you, talk to us – we will show you the plan.
Diligence
The security package
Public – this page
Our architecture posture, data scope, sub-processor list, AI stance and controls. Everything a first-pass review needs, with no NDA required.
Private – under NDA
The evidence pack: security examination status and reports, penetration-test results, a completed security questionnaire (CAIQ / SIG), our DPA and sub-processor agreements, and a detailed data-flow for your review. Request it and we will turn it around quickly.
Security or diligence questions? Email security@proofpoints.com. To report a vulnerability, use the same address – we respond promptly and will not pursue good-faith researchers.