Skip to content
8:59
Get My Briefing
Trust Center

Security Overview

Last updated: May 11, 2026

At my859, trust and security are foundational to how we design, build, and operate our platform. Because my859 connects to workflows, communications, calendars, and productivity systems, we understand the importance of protecting customer information with thoughtful technical and operational safeguards.

This page provides a high-level overview of our current security practices and operational approach.

Security Principles

  • Least-privilege access
  • Encryption-first architecture
  • User data isolation
  • Responsible AI processing
  • Minimized data exposure
  • Operational transparency
  • Continuous improvement

Data Protection

Encryption in Transit

Data transmitted between users, integrations, and my859 services is encrypted using industry-standard TLS encryption.

Encryption at Rest

Sensitive data stored by my859 is encrypted at rest using commercially reasonable encryption standards provided by our infrastructure and cloud service providers.

OAuth Authentication

my859 supports authentication and integrations through trusted providers such as Google, Microsoft, and Apple. OAuth tokens and authentication credentials are handled securely and are restricted to authorized application functionality. We request only the permissions necessary to operate features explicitly enabled by users.

Users may revoke integration access at any time through:

  • Their provider account settings
  • Connected app settings
  • my859 account controls

AI and Data Usage

AI Model Training Restrictions

Your connected emails, calendar events, messages, prompts, files, and other customer data are NOT used to train public or shared AI models. my859 does not contribute identifiable customer content into generalized AI training datasets. AI processing is performed solely to provide functionality directly requested by users within the my859 platform experience.

AI Output Review

AI-generated summaries, drafts, recommendations, and analyses may contain inaccuracies or unintended results. Users are responsible for reviewing and validating AI-generated outputs before acting upon them.

Infrastructure and Hosting

my859 utilizes reputable cloud and infrastructure providers to support platform operations, including hosting, storage, authentication, analytics, monitoring, and payment processing. Infrastructure providers may include:

  • Cloud hosting providers
  • Managed database providers
  • Authentication providers
  • Payment processors
  • AI processing providers
  • Monitoring and logging platforms

Access to production infrastructure is restricted to authorized personnel with legitimate operational responsibilities.

Access Controls

my859 follows least-privilege access principles wherever reasonably practical. Security measures may include:

  • Role-based access controls
  • Authentication protections
  • Limited administrative access
  • Environment separation
  • Audit logging
  • Session monitoring

Only authorized personnel may access production systems or customer information when necessary for customer support, technical troubleshooting, security investigations, operational maintenance, or legal compliance.

Monitoring and Incident Response

my859 maintains operational monitoring and logging practices designed to identify:

  • Service disruptions
  • Unauthorized access attempts
  • Infrastructure issues
  • Security anomalies
  • Abuse patterns

In the event of a material security incident affecting customer information, we will take reasonable steps to investigate the incident, mitigate risk, restore service integrity, and notify affected parties when required by applicable law.

Application Security

my859 is developed with security considerations integrated into the software development lifecycle. Security-focused practices may include dependency management, environment isolation, secure credential handling, configuration management, logging and monitoring, access reviews, and ongoing platform updates.

Data Retention and Deletion

We retain information only as long as reasonably necessary to provide Services, maintain account functionality, comply with legal obligations, resolve disputes, and maintain backups and disaster recovery systems.

Users may request account deletion or data deletion requests through privacy@my859.ai. Certain data may persist temporarily within encrypted backup or archival systems before permanent deletion.

Third-Party Integrations

my859 integrates with third-party services at the direction of users. Users maintain control over which integrations are connected and what permissions are granted. Third-party services operate independently from my859 and remain subject to their own privacy policies, security controls, and terms of service.

Security Limitations

While my859 implements commercially reasonable safeguards, no platform, infrastructure provider, or transmission method can guarantee absolute security. Users are encouraged to:

  • Use strong passwords
  • Enable multi-factor authentication where available
  • Review connected integrations regularly
  • Protect access to their devices and accounts

Compliance and Security Roadmap

my859 continuously evaluates and improves its operational, privacy, and security practices as the platform evolves. Our security program may continue to mature over time through expanded monitoring capabilities, additional infrastructure controls, vendor assessments, compliance initiatives, formalized security processes, and customer-requested enterprise features.

Contact

For security-related questions or concerns, contact privacy@my859.ai.