Security & Trust

How we protect your code and data

Data Encryption

All data sent to or from Changelog AI is encrypted in transit using 256-bit encryption. Our API and application endpoints are TLS/SSL only and score an 'A+' rating on SSLLabs tests.

Data Privacy

We do not store your git commit logs after processing. They are processed in memory and discarded immediately once your changelog is generated. We never train AI models on your data.

Cloud Infrastructure

Our infrastructure is hosted on Vercel and AWS. These providers maintain multiple certifications, including SOC 2 Type II, ISO 27001, and PCI-DSS Level 1.

Global Security

We use Cloudflare for DDoS protection and a Web Application Firewall (WAF) to detect and block malicious traffic before it reaches our servers.

Vulnerability Reporting

Security is a continuous effort. If you believe you have found a security vulnerability in Changelog AI, please contact us immediately at security@changelog.ai. We investigate all reports and do our best to fix verified issues promptly.