Our Commitment
Generex, Inc. takes the security, integrity, and reliability of our platform seriously. Generex is designed as AI operational infrastructure for businesses — powering conversational engagement, workflow coordination, business intelligence, and AI-assisted operational automation. Because our platform may interact with customer communications, scheduling systems, workflows, integrations, and operational processes, security is foundational to everything we build.
Security is integrated into product design, software development, infrastructure architecture, operational workflows, vendor management, and internal access controls. We continuously evaluate and improve our safeguards to address evolving threats, regulatory expectations, and the trust our customers place in us.
Infrastructure & Data Protection
Generex operates on trusted cloud infrastructure providers with enterprise-grade physical, network, and environmental protections. We use layered security controls including encrypted communications, infrastructure isolation, secure network configurations, access restrictions, activity logging, and monitored production environments.
Encryption
Data in transit is protected using TLS encryption. Data at rest is encrypted using industry-standard encryption technologies.
Environment Separation
Where appropriate, Generex separates production, staging, development, and testing environments to reduce operational risk and improve security controls.
Logging & Monitoring
Access to production systems and sensitive operational infrastructure is restricted, monitored, and logged. We maintain internal visibility into authentication events, infrastructure activity, platform anomalies, and operational integrity signals.
Access Control & Authentication
Generex applies strict access management principles internally and across customer-facing systems.
Customer Authentication
Depending on product availability and plan level, Generex may support secure authentication, multi-factor authentication (MFA), single sign-on (SSO), role-based permissions, and session management controls. We strongly encourage customers to use strong passwords, enable MFA, and review account access regularly.
Internal Access Controls
Internal access is granted using least-privilege principles and limited to personnel with legitimate operational need. Administrative access is restricted, reviewed, and monitored. Generex requires team members and vendors with privileged access to follow security and confidentiality obligations consistent with industry best practices.
AI & Operational Security
Generex includes AI-powered systems capable of conversational engagement, workflow orchestration, automation support, operational intelligence, and business outcome coordination. Because AI systems can influence workflows and customer interactions, Generex implements safeguards designed to limit unnecessary data exposure, reduce unauthorized access, isolate customer environments where applicable, and maintain operational integrity.
We continuously review AI operational behavior, prompt security, automation boundaries, and integration permissions to reduce misuse, abuse, or unintended actions.
AI-generated outputs should always be reviewed by customers before being relied upon for legal, financial, medical, compliance, or operationally critical decisions.
Secure Development Practices
Generex follows secure software development practices throughout the product lifecycle. Our processes may include code review, testing, dependency management, vulnerability remediation, infrastructure hardening, and operational monitoring.
We actively monitor for known vulnerabilities, suspicious activity, security misconfigurations, and platform abuse. Where appropriate, we conduct internal security reviews, external assessments, penetration-oriented testing, and infrastructure evaluations.
Third-Party Integrations
Generex may integrate with third-party systems including calendars, CRMs, communication systems, email providers, payment systems, and operational software platforms. We request only the permissions reasonably necessary to provide requested functionality.
Customers retain control over connected integrations and may revoke permissions through Generex settings or the connected third-party provider. While we evaluate vendors and providers carefully, Generex is not responsible for the security practices or operational failures of third-party systems outside our control.
Data Handling & Privacy
Generex is committed to responsible data handling practices. We implement safeguards intended to protect customer information, minimize unnecessary data retention, and reduce unauthorized access risk. We do not sell customer business data to third parties.
Operational analytics, aggregated insights, and de-identified platform intelligence may be used to improve platform performance, reliability, and product capabilities. For more information regarding data handling, please review our Privacy Policy.
Monitoring & Incident Response
Generex maintains internal monitoring and incident response procedures designed to detect, investigate, contain, remediate, and recover from security events. Our operational response processes may include access revocation, infrastructure isolation, credential rotation, forensic investigation, customer notification, and remediation procedures.
If a security incident materially impacts customer data or systems, Generex will provide notification as required by applicable law. We continuously review incidents and operational learnings to strengthen our defenses and improve resilience.
Responsible Disclosure
We appreciate responsible security research and encourage good-faith disclosure of potential vulnerabilities. If you believe you have discovered a security issue involving Generex systems, please contact: security@generexai.com
Please include a description of the issue, reproduction steps if available, affected systems or URLs, and any supporting evidence.
Generex does not pursue legal action against researchers who act in good faith, avoid privacy violations, avoid service disruption, and provide reasonable time for remediation before public disclosure.
Compliance & Governance
Generex is committed to maintaining security and privacy practices aligned with widely accepted standards and evolving regulatory expectations. As the platform evolves, Generex may pursue or support frameworks and controls associated with SOC 2, GDPR, privacy and data governance standards, operational security standards, and enterprise security expectations.
We work collaboratively with customers and partners who require additional security documentation, questionnaires, or compliance discussions under appropriate agreements.
Your Role in Security
Customers also play an important role in maintaining security. We recommend enabling MFA where available, protecting credentials and API keys, reviewing connected integrations regularly, limiting unnecessary access, and promptly reporting suspicious activity.
You should use unique passwords, avoid credential sharing, and notify Generex immediately if you suspect account compromise.
Availability & Operational Integrity
Generex is designed to support reliable operational performance, but no internet-based platform can guarantee uninterrupted availability. We continuously work to improve uptime, resilience, monitoring, scalability, and disaster recovery preparedness. Maintenance windows, infrastructure events, third-party outages, or security events may occasionally affect platform availability.
Contact
For security-related questions, concerns, or vulnerability disclosures, contact:
Generex, Inc.
legal@generex.ai
https://www.generex.ai