Aonyx Labs

Aonyx Labs

Search the Trust Center...
Ctrl +K

Aonyx Labs | Trust Center

test out

Quick links


Badges

21-cfr-11
21 C.F.R. Part 11
iso-22301-2019
ISO 22301:2019
iso-27018-2019
ISO 27018:2019
itar
ITAR
hds
HDS
cmmc-level-1
CMMC Level 1
cmmc-level-2
CMMC Level 2
cmmc-level-3
CMMC Level 3
nist-800-53
NIST

Our Philosophy

At Aonyx Labs, security is not an afterthought — it is embedded into the design, development, and operation of everything we build. We believe that earning and maintaining customer trust requires a commitment to transparency, continuous improvement, and verifiable controls.

Our Information Security Management System is governed by the AICPA Trust Services Criteria and aligned to SOC 2 Type II, ISO 27001, and NIST SP 800-53. We encrypt all customer data at rest (AES-256) and in transit (TLS 1.2+), conduct semi-annual third-party penetration tests, and maintain 24/7 security monitoring across all production systems.

We hold ourselves accountable through annual audits, formal vulnerability management, and a published Responsible Disclosure Policy — because we believe open, honest security practices are the foundation of a trustworthy product.

| Subprocessor | Location of Processing | Usage Details |
|---|---|---|
| Anthropic | United States | LLM provider. LLM providers only process personal data if you choose to add personal data to your Conveyor Knowledge Graph or use our Customer Trust Agent to support workflows that contain personal data. |
| Aptible | United States | Cloud Infrastructure |
| Atlassian Statuspage | United States | Communicating system status to users. |
| AWS | United States | Cloud Services |
| Census | United States | Analytics |
| Chameleon | United States | In app guides |
| Datadog | United States | Logging and Monitoring |
| dbt Labs | United States | Data Warehouse |
| Elastic | United States | Keyword search |

Nadim

Coming Soon

Some info Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley


Quick Summary

One or more annual third-party audit(s)

Has a formal mobile device management (MDM) program

Annual third-party penetration testing

Subprocessors list available

Will enter into a DPA

Has a bug bounty or vulnerability disclosure program

Deletes customer data on request

Has an API available

Uses a centralized IAM solution (SSO) to manage employee access

Has an AI policy


Documents & Knowledge Base FAQs


Announcements

Subprocessor List Updated — February 2026

(Updated again!!)
We have updated our subprocessor list effective February 3, 2026. In keeping with our commitment to transparency, we notify customers of any changes to the third-party services that process data on our behalf.

What Changed

The following update was made to our subprocessor list:

Added: Datadog, Inc. (United States) — Infrastructure monitoring and log management. Datadog is used to monitor system health, performance, and security events across our production environment. Only metadata and anonymized operational telemetry is processed; no customer content is transmitted.
No Changes To

Our core subprocessors remain unchanged: Amazon Web Services (hosting and infrastructure), Zendesk (customer support), and Recurly (subscription billing).

Your Rights

Under our Data Processing Agreement (DPA), customers have the right to object to new subprocessors within 30 days of this notice. If you have concerns or wish to exercise this right, please contact privacy@fuzzy.io.

The updated subprocessor list is available in the Documents section of this Trust Center.



What we offer

Fuzzychart

Intelligent diagramming and visualization platform for creating flowcharts, process diagrams, and architecture visuals with real-time collaboration. Supports RBAC, SAML SSO, and per-region data storage controls.

Typical data access: Typical data access: Diagram content, user account data, collaboration metadata, and optionally customer-managed cloud storage configurations.

Certifications: Cyber Essentials Plus, Cloud Computing Compliance Criteria Catalogue (C5), Cloud Application Security Assessment (CASA)


Featured Documents


Subprocessors
3

Subprocessor
Location of Processing
Usage Details
AWS

AWS

United States
Hosting, storage, and compute infrastructure.*
Broadly

Broadly

United States
test
Vydo

Vydo

Argentina
jj
Last updated . .
View as:

Trusted by

Powered by Conveyor, the first end-to-end customer trust platform.
Learn more