Security

How we protect your data and your business.

Our security principles

  • Your data is yours. We don't train models on your data. We don't sell it. We don't share it.
  • Least privilege. Every integration, every seat, every access point uses the minimum permissions needed.
  • Transparency. You can see exactly what data we have, who accessed it, and when.
  • Never autonomous. The C-Suite never sends emails, makes payments, or takes irreversible actions without your approval.

Data isolation

Each organization's data is completely isolated:

  • Separate encryption keys per organization
  • Memory, conversations, and documents never cross organization boundaries
  • No shared databases or caches between tenants
  • Team members within an organization share context, but individual conversation threads are private to the member

Encryption

  • In transit: All API calls use TLS 1.3. All channel communications are encrypted end-to-end where the channel supports it.
  • At rest: All stored data is encrypted using AES-256. Encryption keys are managed via a dedicated key management service and rotated regularly.
  • OAuth tokens: Stored encrypted with per-organization keys. Tokens are never logged or exposed in error messages.

Access controls

  • Magic link authentication — No passwords to compromise. Login via time-limited magic link sent to your email.
  • SSO (Enterprise) — SAML-based single sign-on for enterprise accounts.
  • Role-based access — Organization owners can manage team member permissions and access levels.
  • Session management — Active sessions are visible and revocable from the Command Portal.

Audit logs

Every significant action is logged:

  • Permission grants and revocations
  • Integration connections and disconnections
  • Team member invites and removals
  • Data exports
  • Memory deletions

Audit logs are available in the Command Portal under Settings → Audit Log and are retained for 12 months.

Data retention

  • Conversations: Retained for the life of your account. Deletable on request.
  • Memory: Retained for the life of your account. You can delete specific memories at any time.
  • Generated documents: Stored in your connected cloud storage (OneDrive, Google Drive). We don't retain copies.
  • Account deletion: Full account deletion removes all data within 30 days. No recovery after deletion.
← Permissions & Integrations COO →