Built to earn your trust.
Mavrick operates inside your Slack and touches your ad accounts. Here's exactly how we protect what you hand us.
All data moves over TLS 1.2+. Credentials and tokens are encrypted at rest. Slack tokens are stored encrypted and never logged.
Mavrick reads messages to act on them — it does not store message bodies. Conversation context is flushed after each session. Metadata is retained only as long as needed.
Mavrick requests only the Slack scopes it needs to operate. No admin-level access. No reading private channels it hasn't been invited to.
Hosted on Vercel (edge) and Modal (compute). Both providers maintain SOC 2 compliance. No customer data is stored on Mavrick-owned hardware.
Third-party integrations (Meta Ads, CRM, etc.) use OAuth tokens scoped to the minimum permissions required. Tokens are encrypted and never exposed to other customers.
Security issues are triaged within 24 hours. Affected customers are notified promptly. Full incident reports are available on request.
Need a security review, penetration test results, or a signed DPA? Reach out and we'll respond within one business day.