SOV AI

Security

Upload SOV

Incident Response Policy — SOVAI Technology LLC

Starting draft — to be reviewed and formalized; procedures will mature alongside our SOC 2 roadmap.

Purpose

Ensure security incidents affecting SOV AI are detected, contained, and resolved quickly, and that affected customers are informed without undue delay.

What Counts as a Security Incident

  • Unauthorized access to systems, staff accounts, or customer accounts
  • Exposure of customer data (including files in storage or database records)
  • Confirmed or suspected data breach
  • Significant availability incidents (outage or degradation of the production service)
  • Compromise or leak of credentials or keys (e.g., the service-role key, provider API keys)

Roles

The company principal leads incident response: assessing severity, directing containment, and making notification decisions. Given the small team, all members are expected to report and assist as directed.

Response Process

  1. Detect / report — anyone who notices a possible incident reports it immediately to admin@sovaitech.com.
  2. Triage / assess — the response lead confirms whether it is an incident and judges severity: what data, which customers, ongoing or contained?
  3. Contain — stop the bleeding: revoke sessions, rotate keys, disable affected accounts, or take the affected component offline if needed.
  4. Eradicate / recover — fix the root cause, restore normal service, and verify the fix.
  5. Notify — inform affected customers without undue delay (see below).
  6. Post-incident review — write up what happened, why, and what changes will prevent recurrence.

Customer Notification

If we confirm a breach affecting a customer's data, we notify that customer without undue delay, describing what happened, what data was involved, and what we are doing about it.

Evidence and Logging

Preserve relevant logs, timestamps, and records during an incident — do not delete or alter them until the review is complete. Where our standard 30-day data-deletion practice would remove material relevant to an active investigation, preservation for the investigation takes precedence.

Contact

All incident reports and questions: admin@sovaitech.com.

© 2026 SOVAI Technology LLCHome