Enterprise Security

Comprehensive security practices and compliance frameworks to protect your data

Compliance & Certifications

SOC2

SOC 2 Type II Certified

Third-party audited compliance covering security, availability, processing integrity, and confidentiality controls. Annual recertification ensures ongoing compliance.

GDPR

GDPR Compliant

Full compliance with EU data protection regulations, including Data Processing Agreements, Standard Contractual Clauses, and data subject rights mechanisms.

CCPA

CCPA Compliant

California Consumer Privacy Act compliant with mechanisms for users to access, delete, and opt-out of data sales. Full documentation available upon request.

ISO

ISO 27001 In Progress

We are actively pursuing ISO 27001 Information Security Management certification to further demonstrate our commitment to security excellence.

No PII Architecture

We Don't Store User Data

PromptBid's architecture is fundamentally different from typical ad networks. We never collect, store, or have access to personally identifiable information about the end-users of your applications.

Our platform works exclusively with aggregated, anonymized campaign performance metrics. You own your user data. We simply help you monetize your AI applications through secure, privacy-respecting ads.

This architectural choice eliminates entire classes of security risks while preserving privacy for your users. No user databases mean no user data breaches. No PII collection means no PII to lose.

What This Means in Practice

  • When you run a campaign, we see: impressions, clicks, conversions, and spend
  • When you run a campaign, we never see: user IDs, IP addresses, email addresses, or device identifiers
  • Your users' data remains entirely within your applications
  • We cannot and do not build profiles of individual users across your campaigns
  • Third parties cannot request or access your users' data through PromptBid

Responsible Disclosure & Bug Bounty

We Reward Security Researchers

If you discover a security vulnerability in PromptBid, we want to hear about it. Our bug bounty program rewards researchers for responsibly disclosing security issues.

Please report security issues to: security@promptbid.ai

Up to $500
Low Severity
Up to $2,500
Medium Severity
Up to $10,000
Critical Severity

Responsible Disclosure Guidelines

  • Do not publicly disclose vulnerabilities before we have time to patch them
  • Do not access accounts you don't own or modify other users' data
  • Do not perform testing on production systems without explicit permission
  • Avoid testing that could impact service availability or user experience
  • Report issues to security@promptbid.ai with detailed reproduction steps

Have Security Questions?

Our security team is ready to discuss your concerns and provide detailed information about our practices and certifications.

Contact Security Team