top of page

Your financial data is safeguarded with enterprise-grade encryption and controls, powered by Microsoft Azure.

Our Commitment to Data Security

 

At Altruva.ai, the security, confidentiality, and integrity of client data are our highest priority.

​

We design every part of our platform with enterprise-grade protection in mind, while staying flexible and responsive to the unique needs of non-profit organizations.

 

We are committed to transparency, ethical AI use, and full compliance with the highest standards in cloud security.

 

Secure Cloud Infrastructure

  • All operations are hosted within Microsoft Azure, ensuring enterprise-grade security, availability, and compliance.

  • Azure is certified for SOC 2, GDPR, HIPAA, FedRAMP, and other leading standards.

  • Our environments are managed using Microsoft best practices for cloud security, monitoring, and compliance.

 

 Data Protection

  • Encryption at Rest and in Transit: All client data is encrypted using TLS/SSL protocols and Azure managed encryption keys.

  • Isolated AI Processing: We utilize Azure OpenAI endpoints, providing private, secure access to AI models without exposure to public APIs.

  • Private Document Storage: All uploaded files (e.g., invoices, HR documents) are stored in Azure Blob Storage under strict access controls.

 

Access Control

  • Role-Based Access Control (RBAC): Only authorized personnel can access systems handling client data.

  • Multi-Factor Authentication (MFA): Enforced across all accounts for added security.

  • No Shared Credentials: Every individual accessing our systems has personalized access with auditing enabled.

 

Ethical AI Usage

  • Transparency: We disclose when and how AI is used in workflow automation.

  • Human Oversight: Clients always maintain control over critical financial decisions; AI suggestions are reviewed, not blindly executed.

  • Bias Monitoring: We routinely assess our AI models for unintended bias or unfair outcomes.

 

Client Data Ownership and Rights

  • Full Data Ownership: Clients retain full ownership and control over their data at all times.

  • Data Deletion Policy: Clients may request permanent data deletion at any time, which will be completed within 30 days.

 

Aggregated & De‑Identified Data Use

  • To improve the reliability, performance, and usability of our services, we may process data in aggregated and de‑identified form.

  • Aggregated outputs are designed so they cannot reasonably identify an individual or organization.

  • We do not sell or share Customer Data or aggregated data.

     

Monitoring and Response

  • We actively monitor system health and security events using Azure Monitor and Application Insights.

  • Alerts are configured to immediately detect any unusual access, system errors, or suspicious activity.

  • Our advisors conduct regular security reviews and cloud configuration audits.

bottom of page