Security & Trust at Legion AI

Legion AI is built for regulated verticals — medspas, healthcare-adjacent services, and multi-location operators. Our security program covers data encryption, access controls, TCPA compliance for AI calling, and vendor due diligence.

Contact security

Data protection

All customer data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Backups run daily with point-in-time recovery.

Access controls

Role-based access, SSO for enterprise plans, and detailed audit logs on every user action.

TCPA & compliance

AI calling honors DNC lists, per-state calling hours, and consent capture on every touch.

Sub-processors

We maintain a current list of sub-processors. Contact us for the full DPA and vendor list.