Security & Compliance Overview

Security is the whole point of Zeuslock — it exists to keep sensitive data from leaking into AI tools. This page summarizes the main protections in place today.

Your sensitive data stays minimal

Zeuslock is built to keep raw secrets out of AI tools and out of its own records. When it detects something sensitive it can anonymize it — replacing the real value with a safe placeholder so it never leaves the browser — and it stores only a redacted record of an incident, not your raw secret.

Securing your account

• Sign in with email and password.
• Turn on Two-Factor Authentication (Settings → Two-Factor Authentication) for a one-time code at login.
• Change your password anytime from Settings → Change Password.

Controlling who can do what

• Role-based access — Admin, User, Viewer, and Viewer User — so people get only the access they need (for example, read-only Viewers).
• Your organization always keeps at least one admin, and you can remove people you no longer need from the Users page.

Protecting your API keys

API keys authenticate your integrations. Create one key per integration and revoke any key instantly from the API Keys page if it is exposed or no longer needed.

Your data rights (GDPR)

From Settings → Privacy & Data you can export your data and delete your account and its data. Deletion is permanent.

Hosting & transport

All traffic to Zeuslock uses HTTPS, and Zeuslock's infrastructure runs in the EU.

Compliance

By keeping sensitive data from reaching AI tools and recording every detection as an incident, Zeuslock helps you meet data-protection obligations such as GDPR. For detailed compliance documentation (for example a DPA) or questions about a specific framework, contact your Zeuslock representative.