<aside> ℹ️

Hey, this trust center was built for the good old ISMS Copilot v1. ⛩️

Now, we’re on ISMS Copilot v2. It’s a completely separate app (so, different providers, different security measures 😍) ****

Since we wanted to do things well, we made a dedicated help center just for v2! 🤯

But that’s maybe too much information at once, right? 🙅‍♂️ That’s why we made your life easier by crafting this security and data protection overview!

And what if you have no time for reading?

We would tell you that we’re a small independent team (actually 2 persons, one GRC expert - me - with a long ISO 27001/SOC2/GDPR/AI security background + one experimented Engineer that cares a lot about security, reliability, resilience).

We´ve been building ISMS Copilot with high compliance standards from day one. All our subprocessors, data processing activities, and implemented controls are public (yes, you can verify this). And most importantly, we don’t train on your data (we believe it’s not a good idea) or anyone else’s data by the way.

If you still have any questions, please reach out directly to us.

</aside>

Ok, so 99% of what’s written below is for the old ISMS Copilot.

So, if you’re using our great app, chances are you want to read this trust center instead.

We did our best to tell you, but you’re free to continue browsing.

<aside> 💡 In summary: ISMS Copilot is a company building an alternative to ChatGPT specialized in information security compliance. We are offering ISMS Copilot, an AI assistant made to support ISO 27001 consultants in delivering high-quality guidance to their clients.

</aside>

<aside> 📖

Built by information security experts and in compliance with information security, AI governance, and copyright best practices and regulations, our assistant main purpose is to help assist compliance tasks. Not replacing official documents or experts! No consulting or human services are provided, just AI assistants to help professionals do the work.

</aside>

<aside> ✅

Your conversations with ISMS Copilot chatbots are private and secure. We may review conversations to correct factual errors or to fix bugs raised by users, but never “train” on your data or use it in any way. Contact our support to delete a conversation, or use temporary chats for automatic deletion after 30 days. Our latest assistants are hosted in the EU. If you don’t know where to start, follow the guide ✌️.

</aside>

Privacy and Data Protection

Global Privacy Policy

Website Privacy Policy

Data Protection Policy

Data Inventory and Mapping

Do we train on your data?

Data Subjects Rights Information

Data Breach Response Overview

Security measures for Personal Data

International data transfers

Subprocessors

Security and AI Governance

Accuracy

AI Security

Availability and Reliability

Organizational Security

Product Security

Threat Management

Transparency, Explainability, Interpretability (TEI)

Legal and Compliance

Legal Notice

ISMS Copilot Terms of Service

Data Processing Agreement

GDPR Compliance Overview

EU AI Act Compliance

🔄 Why we’re not ISO 27001 certified yet

Helpful links

ISMS Copilot User Guide

Ask for help

ISMS Copilot Assistants

ISMS Copilot Tutorials

ISMS Copilot Roadmap

ISMS Copilot Updates

Tips for using ISMS Copilot

Using ISMS Copilot securely

Vulnerability Disclosure Policy

Known issues

Policies

See our policies in practice.

🔒Information Security Policy

🔒Acceptable Use Policy

🔒Access Control Policy

🔒AI Ethics Policy

🔒AI Security Policy

🔒Bring Your Own Device (BYOD) Policy

🔒Business Continuity Policy

🔒Compliance Policy

🔒Data Protection Policy

🔒Data Retention and Disposal Policy

🔒Incident Response Policy

🔒Remote Working Policy

🔒Vendor Management Policy

Why we’re not training on your data

This trust center was built for ISMS Copilot v1. While the service is still accessible, our efforts are now on ISMS Copilot 2.0. Our latest help center is now here.