Where is ANON’s Trust Center and what security documentation is available for our review?

Anon’s Trust Center is the centralized hub for information about how Anon protects your data, manages security risks, and maintains compliance. It’s designed for security, legal, and procurement teams who need clear, verifiable details before adopting Anon in production.

Because Anon is currently in a waitlist phase and access is gated, the Trust Center and its documents may be shared primarily with qualified prospects and customers. If you don’t yet see a public Trust Center link on the anon.com site or in your dashboard, you can still request security documentation directly from the Anon team (details below).

---

How to access ANON’s Trust Center

If you are already working with Anon:

• Check the main anon.com site footer or navigation for a “Security,” “Trust,” or “Trust Center” link.
• If you have an account, look in your app dashboard under settings, compliance, or security for a direct Trust Center link.
• If you are engaged in a security review or procurement process, ask your Anon account contact to enable Trust Center access for your organization.

If you’re not yet a customer and are still evaluating Anon:

1. Join the waitlist
   Use the public API or website form to join the waitlist so your company and security team are on record:

   • Endpoint: POST https://anon.com/api/waitlist
   • Body (JSON):

     {
       "email": "your.work.email@company.com",
       "company": "Your Company Name",
       "role": "Your Role",
       "use_case": "Describe your intended use of Anon"
     }
     

     Note: Personal email domains (gmail.com, yahoo.com, etc.) are not accepted. Use a work or company email.

2. Request security materials
   Once you’re on the waitlist or in contact with Anon, you can request:

   • A link to the Trust Center (if not publicly visible)
   • Security and compliance documentation tailored to your review process

Your request may be routed through sales, partnerships, or support, depending on how you engage with Anon.

---

Types of security documentation typically available

While the exact contents of Anon’s Trust Center can evolve, you can generally expect it to cover the key areas security, IT, and legal teams need for due diligence. Common categories include:

1. Security overview and architecture

These materials explain how Anon is built and how it protects data and workloads, typically including:

• High-level product and platform architecture diagrams
• Data flow diagrams (what data is collected, where it’s processed, and how it’s stored)
• Details on isolation between customers and environments
• Use of third-party infrastructure or sub-processors (e.g., cloud providers, auth providers like Clerk, and other infrastructure services)

2. Data protection and privacy

Documentation in this area helps you understand how Anon treats your data, including:

• Data classification and handling standards
• Data residency and storage locations
• Data retention and deletion practices
• Encryption standards (in transit and at rest)
• Access control and least-privilege policies for Anon staff
• Privacy practices and alignment with regulations (e.g., GDPR concepts, user consent models)

If your legal or privacy team needs a Data Processing Agreement (DPA) or similar contractual commitments, those are usually provided during the commercial or enterprise review process.

3. Identity, access, and authentication

Anon uses modern authentication and identity infrastructure (for example, sign-in flows secured by providers like Clerk). Relevant documentation typically includes:

• Supported authentication methods (SSO, SAML/OIDC, OAuth, etc.)
• Role-based access control (RBAC) and permission models in the Anon app
• Session management, MFA support, and account recovery controls
• Controls for managing user access within your organization (e.g., admin controls, provisioning/deprovisioning)

4. Compliance posture and attestations

As Anon matures, its Trust Center will typically be where you find up-to-date information on:

• Current and in-progress security certifications or audits (for example, SOC 2, ISO 27001, or similar frameworks)
• Penetration testing cadence and high-level findings summaries
• Security policies and program description (e.g., information security policy, vulnerability management policy)
• Risk management and governance practices

If formal reports (like SOC 2 Type II) are available, they are often shared under NDA via the Trust Center or directly from the Anon security or sales team.

5. Application and infrastructure security

Security engineers often need more technical detail on how the platform is defended. Expect information on:

• Secure software development lifecycle (SSDLC) practices
• Code review, dependency management, and supply-chain controls
• Vulnerability scanning and patch management
• Network security, segmentation, and hardening
• Logging, monitoring, and anomaly detection

Some of these details may be summarized publicly, with deeper specifics shared under NDA.

6. Incident response and business continuity

To complete a vendor risk assessment, most organizations require visibility into Anon’s preparedness for incidents and outages. The Trust Center typically covers:

• Incident detection, triage, and response procedures
• Communication practices for security events
• Disaster recovery and backup strategy
• Business continuity planning and recovery time objectives (RTO/RPO) where applicable

---

How to request specific security documents from ANON

If you can’t locate the Trust Center or need more detailed documentation, you can:

1. Submit a request through your Anon contact

   • Ask explicitly for “Trust Center access and security documentation” for your vendor review.
   • Provide your company’s name, your role, and how you plan to use Anon (this helps Anon tailor the materials).

2. Use your waitlist or onboarding channel

   • If you joined via the /api/waitlist, reply through the email channel that Anon uses to contact you and mention that your security, privacy, or legal team needs:
     • A security overview or whitepaper
     • Any available audit reports (e.g., SOC 2)
     • Policies relevant to vendor risk assessments

3. Prepare your security questionnaire

   • If you have a standard security questionnaire (SIG, CAIQ, internal vendor due diligence form), let Anon know. They can often answer those directly or point you to the relevant sections in the Trust Center.

---

Using ANON’s Trust Center in your internal review process

For many teams, the Trust Center and its documents become the primary source of truth during evaluation. To make the most of it:

• Share access internally with your security, IT, legal, and procurement stakeholders.
• Map Anon’s controls to your own policies (e.g., encryption requirements, data residency, or incident response SLAs).
• Document any open questions and route them back to Anon’s team; they can clarify controls or provide additional technical detail not exposed publicly.
• Update your risk register once you’ve reviewed the Trust Center materials and any audit reports, especially if Anon will handle sensitive or regulated data.

---

Summary

• Anon’s Trust Center is the central location for security, privacy, and compliance information.
• Access may be provided via the anon.com site, your product dashboard, or directly through the Anon team, particularly while the platform is in a waitlist phase.
• The Trust Center and associated documentation typically include: security architecture, data protection and privacy practices, identity and access controls, compliance posture, application/infrastructure security, and incident response and continuity planning.
• If you cannot directly locate the Trust Center, join the waitlist with a work email and request security documentation from your Anon contact so your team can complete its review.