Transparency builds trust. Here's how we protect your data, your clients' data, and your compliance posture — at every layer of the stack.
Every query is scoped to your organization through PostgreSQL row-level security (RLS) policies, so data isolation is enforced at the database level rather than in application code. Every query, session, and stored record is bound to your organization. Even if application logic had a bug, the database would refuse cross-tenant access. The usual PostgreSQL caveat applies: RLS is only evaluated for roles that are subject to it, since table owners and roles with BYPASSRLS are exempt, so the application must connect as a role that is neither.
Each organization operates in a fully isolated context. Each session is bound to exactly one organization, and the RLS policies evaluate every query against that binding, so data cannot leak across tenants through a stale or mixed context. Switching organizations regenerates the session in full rather than updating a field on the existing one, which prevents context bleed.
All data encrypted at rest (AES-256) and in transit (TLS 1.3). Database connections use SSL with certificate validation. File storage uses Supabase's managed encrypted object storage.
We hold ourselves to the same standards we help you achieve.
Choose your data region. Supabase projects are available in the US, EU, and APAC, and data stays in the geography you select.
AES-256 encryption for all stored data via Supabase's managed PostgreSQL. Application-level secrets use AES-256-GCM with a unique, randomly generated IV per record; the IV is stored alongside the ciphertext and the GCM authentication tag, so a modified record fails to decrypt instead of yielding silently corrupted data.
TLS 1.3 for all API communications, with HSTS enforced. Database connections require SSL with certificate validation: plaintext connections are refused.
Role-based access control across Admin, Manager, Analyst, and Viewer tiers, with the principle of least privilege enforced. Permission checks fail closed: a missing, null, or unrecognized role is denied rather than falling through to a default.
Every sensitive operation is logged with the acting user's identity, a timestamp, and the action detail. Logs are scoped to your organization and append-only: records can be inserted but not updated or deleted, which is what makes the trail immutable.
Our AI engine is designed with security-first principles. Every input sanitized, every output validated, every key encrypted.
All user and external content passes through a dedicated input sanitization pipeline before it reaches an AI model. The pipeline detects several categories of injection pattern (role hijacking, instruction override, system-prompt reveal, XML tag injection, and context overflow) and replaces each hostile span with [REDACTED], which also leaves an audit trail of what was stripped. Pattern matching is one layer, not the whole defense: no filter catches every phrasing, so model output is validated independently before anything is stored.
AI-generated values (severity, categories, types) are validated against allowlists before database insertion; no raw AI output reaches storage. Message size and conversation length are capped to prevent abuse. Malformed JSON from the model raises a validation error and is never passed through.
Database-backed rate limiting on all AI endpoints. Per-user and per-organization throttling is enforced at the database layer, and the rate-limit state lives in PostgreSQL rather than in process memory, so it survives server restarts and is shared correctly across horizontally scaled instances.
Bring Your Own Key: use your organization's own API keys for AI providers. Keys are encrypted at rest with AES-256-GCM using a unique initialization vector per record. Keys are never returned in API responses, never written to logs, and cannot be read back once stored.
What we collect, how it's stored, how long we keep it, and what you can demand we delete.
We believe AI in compliance must be held to a higher standard. These are the commitments we make — and enforce in code.
Your compliance data is never used to train AI models. We use commercial API access with strict data processing agreements in place with Anthropic and OpenAI. Your responses stay yours.
We document which AI model powers each feature, and model versions are pinned so results stay comparable across your assessment cycles.
Each AI feature runs at near-zero temperature, trading creativity for consistency. Low temperature reduces sampling variance but does not make a model fully deterministic; combined with pinned model versions it keeps compliance analysis reproducible enough to compare across audit cycles. Every endpoint is individually tuned for its task.
Purpose-built on managed, enterprise-grade infrastructure with no single points of failure.
Our team is happy to discuss security practices, share compliance documentation, or arrange a security review call with your team.