Security & Compliance

Security is foundational to everything we do at Juno. We're committed to protecting your personal information, securing your sensitive data, and maintaining the highest standards of privacy and security for our personal assistance services.
Updated May 30, 2025

Note: Juno never stores your credit card information. All purchases are made using our own payment methods and billed to you through secure invoicing, eliminating any exposure of your financial data.

Security is directed and maintained by Juno's founding engineering team with oversight from our leadership.

Application Security

Authentication & Access Control

API Security
Our REST API uses secure API keys with account-specific authentication and rate limiting to prevent abuse.

Session Management
All user sessions use secure, encrypted cookies with automatic expiration and renewal.

Communication Security

Proxy Communications
When communicating on your behalf, we use proxy phone numbers and email addresses.

Call Recording Security
All recorded communications are encrypted in transit and at rest, with access limited to authorized team members only.

Email Security
We implement DMARC, SPF, and DKIM protocols to prevent email spoofing and ensure message authenticity.

Data Security & Privacy

Encryption Standards

Data in Transit
All data transmission uses TLS 1.3 encryption with perfect forward secrecy. Our SSL configuration maintains an A+ rating on SSL Labs.

Data at Rest
All databases and storage systems use full-disk encryption with AES-256. Sensitive data within databases receives additional encryption layers.

Backup Security
All backups are encrypted using the same standards as production data, with secure key management and access controls.

Data Handling Practices

PII Protection
We minimize collection of personally identifiable information and automatically scrub sensitive data from application logs.

Data Segregation
Customer data is logically separated with strict access controls preventing cross-contamination between accounts.

Secure Development
All code changes undergo security review, automated testing, and vulnerability scanning before deployment.

Data Retention & Deletion

Clear Retention Policies
All data is maintained while the account is active, and for 30 days following closure for data request purposes.

Secure Deletion
Upon account termination or data deletion requests, all information is erased within 24 hours.

Infrastructure Security

Cloud Infrastructure

AWS Foundation
Juno is hosted on Amazon Web Services (AWS), leveraging their enterprise-grade security model and compliance certifications.

Access Controls

Principle of Least Privilege
System access is granted on a need-to-know basis with regular access reviews and automatic deprovisioning.

Administrative Access
Only designated senior engineering team members have production system access, protected by multi-factor authentication and session monitoring.

Key Management
Encryption keys are managed through AWS KMS with automatic rotation and audit logging.

Business Continuity & Disaster Recovery

High Availability

Redundant Systems
Every component of the Juno service uses properly provisioned, redundant servers across multiple availability zones.

Automated Failover
In case of system failure, automated failover systems ensure continuous service availability with minimal interruption.

Performance Monitoring
Real-time monitoring and alerting systems track system health and performance 24/7.

Disaster Recovery

Encrypted Backups
Regular automated backups are maintained with encryption and integrity verification.

Recovery Testing
Our disaster recovery procedures are regularly tested and updated to ensure rapid restoration of services.

Communication Plans
In the event of any service disruption, we maintain clear communication channels to keep users informed of status and resolution timelines.

Team Security

Employee Screening

All Juno team members undergo comprehensive background checks including:

  • Identity verification and employment history
  • National and county criminal records checks
  • Global watchlist screening
  • Reference verification

Security Training

Onboarding Security
New team members receive comprehensive security training covering data handling, privacy requirements, and incident response procedures.

Ongoing Education
Regular security updates and training sessions ensure team members stay current with evolving security best practices.

Secure Work Practices
All team members use company-managed devices with full-disk encryption, VPN access, password managers, and mandatory 2FA.

Access Management

Role-Based Access
Team member access is strictly limited based on job function with regular review and updates.

Sidekick Access Controls
Customer service team members (Sidekicks) have access only to information necessary for assigned tasks, with all access logged, monitored, and automatically revoked upon task completion.

Vulnerability Management

Security Testing

Penetration Testing
Independent third-party security firms conduct comprehensive penetration testing of our systems.

Continuous Monitoring
Automated vulnerability scanning and security monitoring occur continuously across our infrastructure.

Code Security Reviews
All code changes undergo security review and automated scanning for potential vulnerabilities before deployment.

Responsible Disclosure

Bug Bounty Program
We welcome security researchers to help identify vulnerabilities through our responsible disclosure program.

Reporting Security Issues
Security concerns can be reported to security@meetjuno.com with full details and proof of concept.

Response Commitment
We commit to acknowledging security reports within 24 hours and providing regular updates on resolution progress.

Recognition Program
Researchers who responsibly disclose valid security issues may be eligible for recognition and rewards based on severity and impact.

Compliance & Attestations

Current Compliance

PCI Compliance
Juno maintains PCI SAQ-A compliance annually. We use Stripe, a PCI Level 1 Service Provider, for all payment processing.

Privacy Regulations
We maintain compliance with applicable privacy regulations including CCPA.

AWS Compliance
Our infrastructure benefits from AWS's extensive compliance certifications including SOC 2, ISO 27001, and FedRAMP.

Available Documentation

Upon request, we can provide:

  • PCI SAQ-A documentation
  • Annual penetration test summaries
  • Security architecture documentation
  • Compliance attestations

Contact security@meetjuno.com to request any compliance documentation.

Incident Response

Security Incident Procedures

Immediate Response
Security incidents trigger immediate containment procedures and executive notification within 1 hour of detection.

Customer Notification
Confirmed security incidents affecting customer data result in direct customer notification within 72 hours with detailed impact assessment.

Remediation & Prevention
All incidents undergo thorough root cause analysis with implementation of additional safeguards to prevent recurrence.

Continuous Improvement

Regular Reviews
Security policies and procedures are reviewed quarterly and updated based on emerging threats and industry best practices.

Threat Intelligence
We maintain awareness of current security threats and implement proactive measures to protect against emerging risks.

How the Vault Works

Military-Grade Vault Encryption
Sensitive information is protected using envelope encryption with individual AES-256 keys per data item, managed through AWS Key Management Service.

Zero-Knowledge Access
Our Sidekicks only access the minimum information needed for each specific task—if only a zip code is required, your full address remains encrypted and inaccessible.

AI-Free Vault Processing
Your Vault data is never processed by AI systems. All sensitive information is handled exclusively by human Sidekicks.

Secure Communications
All application, database, API, and communication traffic is encrypted via TLS/HTTPS with perfect forward secrecy.

Complete Audit Trail
Every access to your Vault data is logged with detailed timestamps, purpose, and duration, with real-time notifications to you.

Minimal Data Retention
We retain only mission-critical data for service delivery and automatically delete information according to our retention policies.

Vault Security Architecture

Envelope Encryption System

Each piece of sensitive data in your Vault is protected with its own unique encryption key:

  • Individual Data Keys: Every Vault item gets a unique AES-256 encryption key
  • AWS KMS Protection: Data keys are encrypted using AWS Key Management Service, the same technology trusted by financial institutions and government agencies
  • Multi-Layer Security: Your data is encrypted both at the individual item level and at the storage level
  • Tamper Detection: Any unauthorized access attempts are immediately detected and logged

Granular Access Controls

  • Task-Specific Access: Sidekicks can only access Vault items you've specifically attached to their task
  • Minimum Necessary Principle: Access is limited to the exact information needed (e.g., zip code only, not full address)
  • Time-Limited Access: All access is automatically revoked when a task is completed
  • Explicit Authorization: Every access requires your specific approval for each use case

Human-Only Processing

  • No AI Access: Vault data is never sent to OpenAI, Anthropic, or any AI service
  • Local Processing: Information is processed locally by trained human Sidekicks only
  • Secure Workstations: All Sidekick access occurs through secured, monitored workstations
  • Training & Background Checks: All team members undergo comprehensive security training and background verification

Contact & Questions

For security-related questions or to report security concerns, please email security@meetjuno.com.

For compliance documentation requests or enterprise security discussions, please include your company name and specific requirements.