Trust & Security

Security you can build on

GENNOW holds your organization’s institutional knowledge: narratives, grant, grant applications, financial records, evaluation frameworks, and outcomes. Protecting that intellectual property is a core product capability, not an afterthought. Here is exactly how we do it.

Last reviewed June 2026  ·  Questions? security@gennowtech.com
Encrypted end to endIn transit and at rest, on Google Cloud infrastructure.
HTTPS everywhereValid SSL, HTTP redirected, secure APIs only.
You own your dataEvery document and asset stays your property.
Role-based accessEvery record inherits your team’s permissions.
How we protect your work

The security model

Eight layers work together so your knowledge, documents, and funding assets stay private, available, and yours.

Platform security

Every environment runs over HTTPS with a valid SSL certificate. All HTTP traffic is redirected to HTTPS and every API call is authenticated and served over TLS.

  • HTTPS on every environment, with HTTP redirected automatically.
  • Valid SSL certificate on the custom domain.
  • Secured, authenticated API communication only.

Encryption

Your data is protected using Google Cloud and Firebase security best practices, encrypted both while moving and while stored.

  • Encrypted in transit over TLS.
  • Encrypted at rest in the cloud database and storage.
  • Uploaded documents stored securely; storage paths are never exposed publicly.

Authentication

Accounts are protected with secure, server-enforced authentication and sensible session controls.

  • Email & password with secure password reset.
  • Secure session management, expiration, and account lockout after repeated failed attempts.
  • Architecture ready for Google & Microsoft login and MFA (on the roadmap).

Cloud infrastructure

GENNOW runs on Google Cloud and Firebase, managed, redundant infrastructure trusted by organizations worldwide.

  • Managed hosting with provider-level physical & network security.
  • Server-side security rules govern every read and write.
  • Continuous platform monitoring.

Role-based permissions

Every document, workspace, comment, asset, program, report, and financial record inherits permissions from the authenticated user’s role.

  • Roles for Owner, Administrator, Staff, Grant Writer, Reviewer, Trainer, and read-only Board Member.
  • Permissions enforced consistently across every module.
  • Access changes are logged in your audit history.

Backups & availability

Your organizational knowledge is durable. Built on managed cloud services designed for resilience and high availability.

  • Redundant, regularly backed-up cloud storage.
  • Workspace data retained so you can reactivate after cancellation.
  • Export your data when you need it.

Responsible AI usage

AI accesses your organizational content only to perform authorized platform functions you ask for: drafting, scoring, and coaching.

  • AI works only within your authorized workspace functions.
  • Only content you approve trains your organizational voice profile.
  • Your content is never used to train models for other organizations.

Audit history

Owners and Administrators can review a complete activity log of who did what, when, and in which module.

  • Tracks documents, assets, grants, reports, invites, permission & AI activity.
  • Records timestamp, user, organization, module, and action.
  • Viewable from Settings by Owners & Administrators.
Data ownership

Your knowledge belongs to you

Organizations retain full ownership of every uploaded document, narrative, asset, report, and grant. GENNOW never claims ownership of your intellectual property.
You own your content

Documents, narratives, programs, evaluations, and reports remain your property, during your subscription and after.

We never resell it

We do not sell your information and do not use your content for advertising or cross-organization training.

You can take it with you

Export your organizational knowledge whenever you need it. Your data is portable, not locked in.

Privacy

Privacy by design

We collect only what we need to operate your workspace, never sell your personal information, and don’t use third-party advertising trackers. GENNOW is not a fund holder and never collects, holds, or transmits grant funds. Full details are in our Privacy Policy.

Compliance

Where we are, and where we’re headed

We believe in being precise about security. The measures below are in place today. Formal certifications are part of our roadmap. We will only claim them once independently achieved.

In place today Live

Operating across the platform now.

  • HTTPS & valid SSL on every environment, HTTP redirected.
  • Encryption in transit and at rest via Google Cloud.
  • Server-side access rules & role-based permissions.
  • Secure authentication with session expiration & lockout.
  • Audit history for Owners & Administrators.
We do not claim certifications we have not earned. SOC 2, ISO 27001, and HIPAA are roadmap items above. GENNOW is not currently certified under these frameworks. We will update this page the moment that changes.

Report a security concern

Found a vulnerability, or have a question about how your data is protected? We take every report seriously and respond quickly. Email security@gennowtech.com.

Contact security