← Back to home

Security

Last updated: May 31, 2026

Encryption

All data is encrypted in transit using TLS and encrypted at rest by our infrastructure providers.

Your data is never used to train models

Your queries and reports are processed to produce your deliverable and are not used to train AI models or shared with third parties for their own purposes. Our LLM providers operate under zero-retention / no-training terms for our traffic.

Access controls

Access to production systems and customer data is restricted to authorized personnel on a need-to-know basis and protected by authentication controls.

Subprocessors

We rely on a small set of established providers: Supabase (database/auth), Cloudflare R2 (storage), Stripe (payments), and Anthropic/OpenAI (LLM processing).

Certifications

We follow industry security best practices. Formal certifications such as SOC 2 are on our roadmap; we are happy to discuss our current controls with prospective enterprise customers.

Reporting a vulnerability

Found a security issue? Please email [email protected] and we will respond promptly.