Book a Demo

Security

Last updated
October 7, 2025

RunLLM Inc. (d/b/a Herald)

Herald is committed to maintaining the highest standards of security to protect our customers’ data. Our security program is designed to meet SOC 2 Type II requirements.

Data Protection

  • All sensitive data is encrypted both in transit and at rest using AES-256 encryption.
  • Data transmitted to and from our Services is protected using TLS 1.2 or higher.
  • Data is retained only for as long as necessary and is securely disposed of once no longer needed, per our retention policies.

Access Management

  • We regularly review access permissions to ensure that only authorized personnel have access to sensitive systems and data.

System Monitoring & Incident Management

  • Our infrastructure is continuously monitored for suspicious activity, anomalies, and potential security threats using real-time monitoring tools and automated alerts.
  • We maintain a comprehensive incident response plan with defined roles and responsibilities, investigation procedures, and communication protocols.

Security Audits and Testing

  • We undergo regular internal and external security audits to assess the effectiveness of our security controls.
  • We use automated vulnerability scanning and perform regular penetration testing to identify and remediate vulnerabilities.

Business Continuity & Disaster Recovery

  • Critical data is regularly backed up and stored in secure, geographically distributed locations.
  • We maintain a disaster recovery plan to ensure operational resilience in the event of an incident.

Privacy

We are committed to handling personal information in accordance with applicable privacy regulations. For details, see our Privacy Policy.

For technical and organizational security measures applicable to data processing, see Schedule 2 of our Data Processing Addendum.