Helply
Security at Helply

The boring kind
of secure.

SOC 2 Type II. GDPR. 80+ controls monitored continuously. The least exciting page on our site, by design.

Visit our Trust Center
Our principles

Four commitments that shape every decision.

The default settings on Helply are the secure ones. Here’s what that means in practice.

01

Encryption everywhere

Customer data is encrypted at rest and in transit. Access to encryption keys is restricted to authorized personnel on an as-needed basis.

02

Least-privilege access

Access to production systems is role-based, regularly reviewed, and promptly revoked when no longer needed.

03

Continuous monitoring

Vanta monitors our security controls continuously. External-facing systems are vulnerability-scanned, with findings tracked to remediation.

04

Your data, your control

Request deletion anytime. We maintain formal retention and disposal procedures to ensure your data is securely purged when you leave.

AI & data handling

Your data isn't training someone else's model.

B2B support data has business value beyond the conversation: pricing tactics, account intel, product roadmaps. We treat it that way.

  • Tenant isolation

    Your tickets, knowledge base, and CRM data are scoped to your tenant. No cross-customer training, ever.

  • Model provider data handling

    API calls to our AI model providers are not used for training purposes… ever.

  • Opt-in improvement

    Want to help us improve resolution quality? Opt in per workspace. Default is off.

  • Auditable AI actions

    Every AI action, resolution, escalation, signal, is logged with the source data it used and the decision it made.

The full picture

Everything we monitor lives at trust.helply.com.

All 80+ controls, real-time status, audit reports, subprocessors, and the policies that back them. Updated continuously. No login required.

Control inventory

80+ controls across infrastructure, organizational, product, and data privacy, continuously monitored via Vanta.

Audit reports

SOC 2 Type II report and pen-test summaries available on request. Most teams clear procurement in under a day.

Subprocessors & policies

Full subprocessor list, data flow diagrams, and the policies that back every control. All public.

Visit Trust CenterRequest SOC 2 report
Need more?

Security reviews,
fast and human.

No procurement gauntlet. Send us your security questionnaire or request our DPA and we'll get back to you without delay.

Email security@helply.comVisit Trust Center →