> ## Documentation Index
> Fetch the complete documentation index at: https://docs.repixa.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Security Overview

> How Repixa keeps your product and prospect data safe

# Security Overview

Security is built into Repixa's core architecture. Every demo runs in an isolated environment with strict access controls.

## Key security principles

<CardGroup cols={2}>
  <Card title="Environment isolation" icon="box">
    Each demo session runs in a fully isolated sandbox. Sessions cannot access other sessions or your production environment.
  </Card>

  <Card title="UI action restrictions" icon="lock">
    Laura can only interact with URLs and elements you explicitly allow. Billing pages, settings, and admin areas are blocked by default.
  </Card>

  <Card title="No credential storage" icon="key">
    Repixa never stores your product's login credentials. Demo environments use token-based or SSO access.
  </Card>

  <Card title="Data minimization" icon="eye-off">
    Only demo-relevant prospect data is captured. No PII beyond what the prospect voluntarily shares.
  </Card>
</CardGroup>

## Data handling

| Data type               | Stored | Retention              | Shared             |
| ----------------------- | ------ | ---------------------- | ------------------ |
| Demo session recordings | Yes    | 90 days (configurable) | You only           |
| Prospect contact info   | Yes    | Until deleted          | CRM (if connected) |
| Knowledge base content  | Yes    | Until deleted          | Laura only         |
| Product credentials     | No     | Never                  | Never              |

## Compliance

Repixa is actively pursuing enterprise compliance certifications. Current status:

* **SOC 2 Type II** — In progress
* **GDPR** — Compliant (data processing agreements available)
* **CCPA** — Compliant

For enterprise compliance documentation or DPAs, [contact us](https://cal.com/salah-rhjxq8/sales).

## Responsible disclosure

If you discover a security vulnerability, please report it to [**security@repixa.io**](mailto:security@repixa.io). We aim to respond within 48 hours.
