SOC 2 Reports
Request when availableAudit reports when SOC 2 attestation is completed.
Trust Center
Resources
Public policies and security docs. For SOC 2 reports and similar, request access from security.
Resources
Legal & Privacy
Privacy Policy
PublicHow coThink collects, uses, stores, and protects information.
Terms of Service
PublicAccount responsibilities, acceptable use, and customer content.
Data Processing Addendum
PublicEnterprise data processing terms and GDPR-aligned commitments.
Cookie Policy
PublicHow coThink uses cookies and similar technologies.
Acceptable Use Policy
PublicPermitted and prohibited uses of coThink services.
Enterprise Master Services Agreement
PublicEnterprise contracting terms for platform access, security, compliance, and AI.
Security Documentation
Security Overview
PublicAuthentication, encryption, access control, and monitoring.
Encryption & Key Management
PublicTLS, AES-256-GCM, organization-managed and E2EE encrypted rooms.
Identity & Access Management
PublicPasskeys, SSO, RBAC, MFA, and session security.
Infrastructure Security
PublicEnvironment separation, operator access, and monitoring.
Application Security
PublicSecure SDLC, vulnerability management, and application controls.
Privacy & Data Ownership
PublicCustomer ownership, BYOM privacy, export, and retention.
Responsible Disclosure
PublicReport security vulnerabilities to coThink.
Compliance
Compliance Roadmap
PublicCurrent controls, planned work, and certification status.
Subprocessors
PublicThird-party vendors that may process data on behalf of coThink.
Penetration Test Executive Summary
Request when availableThird-party assessment summary when available.
Security Whitepaper
Request when availableSecurity architecture, data flows, and operations.
Vendor Security Package
Request when availablePolicies and security docs bundled for vendor reviews.
Business Associate Agreement (BAA)
Request when availableFor eligible HIPAA deployments.