Our commitment to
security


At Manuscript, security is at the heart of everything we do. We prioritize enterprise-grade security and conduct regular audits to ensure you're always protected. We also conduct security reviews, follow stringent data protection measures, and are designed to be SOC 2 compliant.

Data we collect and store

Manuscript is a SaaS offering, and all aspects of our platform are hosted by Manuscript. In the future, we may support self-hosted agents for our customers to host agents in their own infrastructure.

The following types of data are collected and stored by Manuscript in order to provide our services:

  • Account metadata (company name, payment plan, etc.)

  • User account data (email, avatar, group membership, etc.)

  • Workflow metadata (names, description, parameters, etc.)

  • Run metadata (run requester/approver/executor, timestamp, etc.)

  • Resource metadata (database connection information)

  • Usage analytics data (URLs of pages visited, etc.)

  • Logs and output produced by Manuscript workflows

Any resources (e.g. databases) connected to Manuscript are stored and managed by you. We do not copy their contents.

We do not currently offer an on-premises or fully customer-hosted version of Manuscript, but if you're interested in this, please email us at hello@manuscript.io.

System inputs
Manuscript requires that system inputs contain the appropriate characteristics to ensure inputs and their data are properly entered into the system to maintain processing integrity.


Manuscript defines and requires the following characteristics for systems inputs: 

  • Complete

  • Accurate

  • Up-to-date

  • Relevant

  • Timely

  • Reviewed and/or validated

Additionally, Manuscript defines the following types of data inputs within the system:

  • Manual information inputs including company information and any free form text box and additional details

  • Workflow configuration data: workflow names, triggers, and automation rules

  • Integration data: API keys, endpoint URLs, and field mappings

  • User input data: form fields, action parameters, and file uploads

  • Event and log data: task statuses, error logs, and system notifications

  • Client data: client account information and custom settings for workflows

Manuscript has implemented the following system input controls to ensure that data inputs are properly configured to result in complete and accurate data:

  • Edit checks for system inputs

  • Input validations for system inputs

  • Logging and monitoring of system inputs

  • Access controls that ensure appropriate and authorized personnel are inputting data

Infrastructure and network security

Security is a top priority for us and we take the following measures to keep your data and account secure.

Hosting

Manuscript is hosted on Google Cloud Platform (GCP) and all of our GCP servers are located in the United States. GCP data centers have state-of-the-art physical access controls, logical access controls, and frequent third-party independent audits. Google has published a detailed security whitepaper outlining these measures.

Manuscript employees have audited and as-needed access to infrastructure on GCP. All employees have dedicated user accounts and access infrastructure via two-factor authentication.

SOC 2 compliance

Manuscript is currently undergoing an audit readiness preparation to achieve SOC 2 compliance.

Encryption

All data in transit is encrypted over HTTPS/TLS between you and Manuscript's servers. All data at rest is stored encrypted and replicated for durability.

Application security

Two-factor authentication and single sign-on

Manuscript will support SSO, allowing customers to enforce that users sign in using customer-managed identity providers.

G Suite SSO is restricted to domain(s), so that customers can ensure users only sign in using customer-managed G Suite accounts.

Two-factor authentication for application login can be enforced at the identity provider level (e.g. by turning it on within G Suite).

Group-based permissions

To implement granular access to viewing and running workflows, Manuscript will allow customers to define groups within the application and assign users to groups. Workflows can be individually configured to allow only certain groups the ability to view, request, and execute.

Business continuity and disaster recovery

High availability

The Manuscript platform uses properly-provisioned, redundant servers (e.g. multiple load balancers, web servers, replica databases) to gracefully handle failures of nodes and/or data centers. As part of regular maintenance, servers are taken out of operation without user-noticeable impact.

Business continuity

Manuscript keeps daily and point-in-time encrypted backups of data in multiple regions on Google Cloud Platform. While never expected, in the case of production data loss, we are able to restore customer data from these backups. Manuscript's service runs in the us-east1 region.

Disaster recovery

In the event of a region-wide outage, Manuscript will bring up a duplicate environment in a different Google Cloud Platform region. Manuscript infrastructure is designed to be portable and restorable under different regions.

How to report vulnerabilities

You can email security@manuscript.io with details on any security vulnerabilities you discover.

For more information please refer to the following:

Terms of Use
Privacy Policy
Privacy Policy for California Residents
End User License Agreement


At Manuscript, security is at the heart of everything we do. We prioritize enterprise-grade security and conduct regular audits to ensure you're always protected. We also conduct security reviews, follow stringent data protection measures, and are designed to be SOC 2 compliant.

Data we collect and store

Manuscript is a SaaS offering, and all aspects of our platform are hosted by Manuscript. In the future, we may support self-hosted agents for our customers to host agents in their own infrastructure.

The following types of data are collected and stored by Manuscript in order to provide our services:

  • Account metadata (company name, payment plan, etc.)

  • User account data (email, avatar, group membership, etc.)

  • Workflow metadata (names, description, parameters, etc.)

  • Run metadata (run requester/approver/executor, timestamp, etc.)

  • Resource metadata (database connection information)

  • Usage analytics data (URLs of pages visited, etc.)

  • Logs and output produced by Manuscript workflows

Any resources (e.g. databases) connected to Manuscript are stored and managed by you. We do not copy their contents.

We do not currently offer an on-premises or fully customer-hosted version of Manuscript, but if you're interested in this, please email us at hello@manuscript.io.

System inputs
Manuscript requires that system inputs contain the appropriate characteristics to ensure inputs and their data are properly entered into the system to maintain processing integrity.


Manuscript defines and requires the following characteristics for systems inputs: 

  • Complete

  • Accurate

  • Up-to-date

  • Relevant

  • Timely

  • Reviewed and/or validated

Additionally, Manuscript defines the following types of data inputs within the system:

  • Manual information inputs including company information and any free form text box and additional details

  • Workflow configuration data: workflow names, triggers, and automation rules

  • Integration data: API keys, endpoint URLs, and field mappings

  • User input data: form fields, action parameters, and file uploads

  • Event and log data: task statuses, error logs, and system notifications

  • Client data: client account information and custom settings for workflows

Manuscript has implemented the following system input controls to ensure that data inputs are properly configured to result in complete and accurate data:

  • Edit checks for system inputs

  • Input validations for system inputs

  • Logging and monitoring of system inputs

  • Access controls that ensure appropriate and authorized personnel are inputting data

Infrastructure and network security

Security is a top priority for us and we take the following measures to keep your data and account secure.

Hosting

Manuscript is hosted on Google Cloud Platform (GCP) and all of our GCP servers are located in the United States. GCP data centers have state-of-the-art physical access controls, logical access controls, and frequent third-party independent audits. Google has published a detailed security whitepaper outlining these measures.

Manuscript employees have audited and as-needed access to infrastructure on GCP. All employees have dedicated user accounts and access infrastructure via two-factor authentication.

SOC 2 compliance

Manuscript is currently undergoing an audit readiness preparation to achieve SOC 2 compliance.

Encryption

All data in transit is encrypted over HTTPS/TLS between you and Manuscript's servers. All data at rest is stored encrypted and replicated for durability.

Application security

Two-factor authentication and single sign-on

Manuscript will support SSO, allowing customers to enforce that users sign in using customer-managed identity providers.

G Suite SSO is restricted to domain(s), so that customers can ensure users only sign in using customer-managed G Suite accounts.

Two-factor authentication for application login can be enforced at the identity provider level (e.g. by turning it on within G Suite).

Group-based permissions

To implement granular access to viewing and running workflows, Manuscript will allow customers to define groups within the application and assign users to groups. Workflows can be individually configured to allow only certain groups the ability to view, request, and execute.

Business continuity and disaster recovery

High availability

The Manuscript platform uses properly-provisioned, redundant servers (e.g. multiple load balancers, web servers, replica databases) to gracefully handle failures of nodes and/or data centers. As part of regular maintenance, servers are taken out of operation without user-noticeable impact.

Business continuity

Manuscript keeps daily and point-in-time encrypted backups of data in multiple regions on Google Cloud Platform. While never expected, in the case of production data loss, we are able to restore customer data from these backups. Manuscript's service runs in the us-east1 region.

Disaster recovery

In the event of a region-wide outage, Manuscript will bring up a duplicate environment in a different Google Cloud Platform region. Manuscript infrastructure is designed to be portable and restorable under different regions.

How to report vulnerabilities

You can email security@manuscript.io with details on any security vulnerabilities you discover.

For more information please refer to the following:

Terms of Use
Privacy Policy
Privacy Policy for California Residents
End User License Agreement