Awardy

Security

Last updated May 23, 2026

Awardy helps teams research award programs, plan opportunities, and manage submission work. That can include commercially sensitive campaign context, unpublished case evidence, internal comments, and planning data. We design our systems and operating practices around protecting that information from unnecessary exposure.

Data Protection

Awardy uses encrypted connections for traffic between browsers, applications, and service providers. Where production data is stored, it is protected using managed infrastructure controls, access restrictions, and provider-level encryption capabilities. We aim to collect only the information needed to deliver the service, support customers, improve product reliability, and comply with legal obligations.

Access Controls

Internal access to customer data is limited to team members and service providers who need it for product operations, support, security, or compliance. We use account-level authentication, role-appropriate permissions, and administrative access reviews as part of our operating process. Customer workspaces are treated as private by default.

Infrastructure and Monitoring

Awardy is built on managed cloud services with standard production controls for deployment, hosting, observability, and availability. We monitor application behavior, investigate production errors, and apply security updates to the application and dependency stack as part of normal maintenance. Backups, logs, and analytics are handled with the same least-access mindset as application data.

AI and Submission Content

Awardy's AI-assisted workflows are intended to help customers structure, analyze, and improve awards work. Customer-provided submission content is not public content. Our AI handling is covered in more detail in the AI Training Policy, including how we think about customer content, model providers, and product improvement.

Vulnerability Reporting

If you believe you have found a security issue affecting Awardy, please contact us at hello@awardyai.com with a clear description, reproduction steps where possible, and any relevant screenshots or request details. Please avoid accessing, modifying, or sharing data that is not yours while validating an issue.

Security Roadmap

Awardy is in an early product stage, so this page will evolve as controls mature. Planned improvements include clearer incident communication procedures, expanded access-review documentation, and customer-facing security materials for procurement and agency IT reviews.