
Security & Compliance

Your submission data does not train models for other carriers

Carrier loss histories, exposure schedules, and pricing model configurations are competitively sensitive. Undwrlyft enforces strict tenant isolation: your data is never used to train extraction models for other customers, never shared across carrier namespaces, and never retained beyond your contractual terms. Designed with SOC 2 Type II controls from day one.

Security Architecture

The four components of our security architecture

Data Encryption

All submission data is encrypted at rest with AES-256 and in transit using TLS 1.3. Encryption keys are managed via a dedicated key management service with automatic rotation. No plaintext data is written to disk at any stage of processing.

Access Control

Role-based access control (RBAC) ensures every user sees only the submissions and data their role permits. Carrier-level data isolation is enforced at the database layer — no shared tables, no cross-tenant data access. Single sign-on (SSO) integration is standard for enterprise deployments.

Audit Logging

Every action in the Undwrlyft platform — extraction, review, override, export — is logged with timestamp, user identity, and data fingerprint. Audit logs are immutable and retained in accordance with your organization's retention policy. Logs are available via API export for your SIEM.

Infrastructure Security

Undwrlyft is deployed on SOC 2 Type II compliant cloud infrastructure with network segmentation, intrusion detection, and automated vulnerability scanning. Production environments are isolated from staging and development. Penetration testing is conducted annually by a qualified third party.

Data Isolation

Your data never touches another carrier's environment

Undwrlyft enforces strict multi-tenancy. Each carrier and MGA operates in a logically isolated environment. Submission data, extracted fields, pricing pre-fills, and audit logs are all partitioned at the database layer by tenant identifier.

Carrier-specific appetite rules, pricing model configurations, and integration credentials are stored in separate encrypted namespaces. There is no shared configuration that could allow cross-tenant data leakage.

  • Carrier A — Isolated Namespace
  • Carrier B — Isolated Namespace
  • MGA Partner — Isolated Namespace

No cross-tenant access possible at any layer

SOC 2 Program

Designed with SOC 2 Type II controls

Undwrlyft is designed with the SOC 2 Trust Services Criteria — covering security, availability, processing integrity, confidentiality, and privacy. Our security program documentation is available to qualified prospects under NDA.

Our infrastructure providers maintain their own SOC 2 Type II attestations, and our vendor management program requires security review for any third party that touches customer data.

  • Security and availability criteria
  • Annual third-party penetration testing
  • Vendor security assessments
  • Incident response plan with defined SLAs
  • Business continuity and disaster recovery procedures

  • Security: Protected against unauthorized access
  • Availability: System available for operation as committed
  • Confidentiality: Confidential data protected as committed
  • Privacy: Personal information handled per commitments

Common Questions

Security inquiries we hear from carrier IT teams

Does our loss history data train Undwrlyft's models for other carriers?

No. Your carrier's submission data — loss runs, exposure schedules, ACORD forms, pricing model configurations — is never used to train or fine-tune extraction models that serve other customers. Model improvements are based on format library expansion and labeled training data we maintain independently. Each carrier's data remains within its isolated tenant namespace throughout its lifecycle.

Where is submission data stored, and in which region?

All customer data is stored in US-based data centers. Regional storage can be configured for carriers with specific data residency requirements. Data is never replicated to servers outside the agreed region without explicit contractual consent.

How is our data isolated from other Undwrlyft customers?

Tenant isolation is enforced at the database layer. Each carrier and MGA is assigned a unique tenant identifier that gates all data access. There are no shared tables across tenants, and no query path exists that can return data from another tenant's namespace.

Can we use our existing identity provider for SSO?

Yes. Undwrlyft supports SAML 2.0 and OIDC-based single sign-on for enterprise deployments. We have tested integrations with Okta, Azure Active Directory, and Ping Identity. Implementation is typically completed in one to two days of IT coordination.

How are loss runs and other submitted documents handled after extraction?

Original documents are retained in encrypted storage for the duration specified in your data retention agreement. Extracted structured data is stored separately. Both are governed by the same RBAC controls as the rest of your tenant. Deletion requests are processed within the timeframe specified in your service agreement.

What is Undwrlyft's incident response process?

We maintain a documented incident response plan with defined detection, containment, eradication, and notification SLAs. Customer notification of a security incident affecting their data occurs within 72 hours of detection, consistent with applicable regulatory requirements. Full incident reports are provided upon request.

Request security documentation for your vendor review

We maintain a completed security questionnaire, infrastructure architecture overview, and SOC 2 program summary available to qualified prospects under NDA. If your IT or procurement team has specific questions about data handling, isolation architecture, or incident response procedures, contact us directly.