Security is architecture — not an add-on

We do not claim SOC2 or ISO until earned. We provide transparent documentation and technical review sessions.

Role-Based Access Control

Explicit permissions at organization, workspace, role, and action level. No implicit access.

Every mutation logged with identity, timestamp, and context. Not deletable by admins.

Outputs linked to source data and human review steps. No floating numbers or AI claims.

Multi-tenant separation at data, permissions, and audit log boundaries.

AI outputs are drafts. Export and approval require explicit human authorization.

Customer data is not used to train external models. Deletion rights documented.

We do not claim SOC2 or ISO until earned. We provide transparent documentation and technical review sessions.

Explicit permissions at organization, workspace, role, and action level. No implicit access.

Every mutation logged with identity, timestamp, and context. Not deletable by admins.

Outputs linked to source data and human review steps. No floating numbers or AI claims.

Multi-tenant separation at data, permissions, and audit log boundaries.

AI outputs are drafts. Export and approval require explicit human authorization.

Customer data is not used to train external models. Deletion rights documented.