Skip to content
Install on Shopify

Security

Built on certified infra. Locked down on top.

Arbyn runs on Render, which carries SOC 2 Type 2 and ISO 27001 at the infrastructure layer. On top of that, we make a small number of deliberate choices about how your customer data moves through Arbyn. Here is the full picture.

Infra: SOC 2 Type 2 (Render)Infra: ISO 27001 (Render)AI: zero retentionData hosted in the US

Architecture

Two layers. Two different jobs.

Security here is two things stacked. The infrastructure underneath, which we outsource to a vendor whose entire business is being audited. And the application on top, which is ours to get right.

Application layer · Arbyn

How customer messages, Shopify actions, and AI inference flow through Arbyn. Voice fingerprints, kill switch, audit log, refund ceilings, role-based access. This is ours.

Owned by ONDUTYOPS
Infrastructure layer · Render

Servers, databases, networking, OS patching, physical security. Render carries SOC 2 Type 2, ISO 27001, runs annual third-party penetration tests, and publishes a GDPR DPA. We borrow their work, on purpose.

Independently audited
01 · Application layer

What Arbyn does on top.

The choices we make about your data are the ones that earn the install. Six concrete controls, no enterprise theater, every one of them shipping today.

Zero-retention LLM

Customer messages and order context sent to the Arbyn model for inference are not retained, not logged for training, not shared with anyone. Arbyn’s AI models running under a strict no-training policy.

Encryption everywhere

TLS 1.3 in transit across every request. AES-256 at rest on the database, managed by Render. API tokens stored encrypted with rotating keys.

Audit log to Shopify timeline

Every action Arbyn takes (refund, cancel, address edit, discount, reply) writes to the Shopify order timeline. Audit history lives where you already look. No invisible actions, ever.

One-click kill switch

One toggle in the dashboard pauses every channel instantly. Drafts pause mid-write. Auto-send disables. Customers don’t get partial replies. Resume the same way you stopped.

Refund ceilings

Hard limits on any money-moving action. Per-action, per-channel. Set them once, Arbyn won’t exceed them. If a customer asks for more than the ceiling, it comes to you first.

Role-based access

Inside the company, access is locked down by default. Only the necessary team can reach live systems. When we hire, every new engineer signs the same access policy: justification required, action logged.

02 · Infrastructure layer

What Render covers.

Render is the cloud platform Arbyn runs on. They publish their own compliance posture and we inherit it for the layer we don’t control. Their public compliance docs cover everything at the infrastructure level.

SOC 2 Type 2

Independent audit of Security, Confidentiality, and Availability controls.

Current report period on Render’s Trust Center

Renewed annually
ISO 27001

International standard for Information Security Management Systems.

Current certification cycle on Render’s Trust Center

3-year cert
SOC 3

Public version of the SOC 2 report, available without NDA.

Same audit period as SOC 2

Publicly available
Annual Penetration Test

Third-party security assessment of Render's production environment.

See Render’s Trust Center for the latest date

Yearly cadence
GDPR DPA

Data processing agreement with EU transfer protections, EU-ready.

Updated Jan 2025

Publicly available
CCPA

California Consumer Privacy Act compliance covered in Render's DPA.

Continuous

Covered
US region

Hosted on Render’s US infrastructure (Oregon region).

US-hosted

Region-pinned
Render’s audit library

Full library: SOC 2 Type 2, ISO 27001 cert, Pen Test, security policy.

View Render docs

Data flow

What actually happens when a customer emails.

01 / INBOUND
Customer sends email

Inbound mail hits your support address. Arbyn forwards the message body, customer email, and order ID into the application (TLS 1.3 in transit).

Encrypted · logged
02 / CONTEXT
Arbyn pulls Shopify context

Order, customer history, fulfillment status, and your store policies pulled fresh from Shopify over a secure connection. No copy is kept once the conversation is done.

Live API call
03 / INFERENCE
Reasoning runs on Arbyn’s AI

Message and context sent to Arbyn’s AI for inference. Not retained, not used for training, returned and forgotten. Reply drafted in your voice fingerprint.

Zero retention
04 / ACTION
Reply sent, action logged

Final reply sent from your domain. Any Shopify action (refund, cancel, edit) writes to your store’s order timeline. Conversation stored encrypted in your region.

Audit trail

The promises

Six things we won’t do.

If we ever change one of these, we email every customer, publish it on the Changelog, and you can cancel and take your data with you. No surprises.

We will not sell your data.

No third-party data brokers, no marketing partner lists, no anonymized-but-monetized data products. Your customer data is yours.

We will not train models on your data.

Customer messages and your support history are not training data. Our AI providers’ terms confirm this. Voice fingerprint is a set of style signals, not your raw messages.

We will not take silent actions.

Every refund, cancel, address change, and discount Arbyn applies writes to the Shopify order timeline. If we did it, you’ll see it. Same place you already look.

We will not add subprocessors without notice.

30-day public notice before any new subprocessor is added. Object in writing and we’ll work it out, or cancel and your data is deleted.

We will not lock you in.

Cancel anytime from your Shopify admin. Your data is exported on cancellation, and deleted from Arbyn within 30 days, retaining only audit logs required by law.

We will not hide incidents.

Any security incident affecting your data, disclosed within 72 hours of detection, by email, with full scope and remediation. This is the GDPR floor. We treat it as the ceiling too.

Contact

Talk to a human about security.

Data processing agreements, security reviews, vulnerability reports, and GDPR data access requests. Real reply within 1 business day.

Security questions & audits
security@arbyn.app

For data processing agreements, security reviews, contracts, or any paperwork a larger buyer needs before signing.

Send an email
Vulnerability disclosure
security@arbyn.app

Found something? Email us with details. We acknowledge within 24h and patch fast. No bug bounty program yet, but we publicly credit responsible disclosure.

Report a vulnerability

Ready to try Arbyn?

Certified infra. Honest application layer.

Start free with 150 AI conversations a month. Unlimited is $99/month, flat. Install from Shopify and your data stays in the lane you’d expect.