Security and trust
Security controls with practical transparency
Your App protects organisational knowledge through database-level tenant isolation, strict application controls, and clear commitments on AI data usage.
- RLS-enforced tenant separation at the row level.
- Customer content is not used to train base AI models.
- TLS in transit and managed encryption at rest.
Last updated: 22 April 2026
Contents
On this page
Commitments
Security commitments
Tenant isolation by default
Each organisation is isolated with row-level security policies in PostgreSQL. Access checks are evaluated in the database itself before records can be returned.
User-scoped requests run with JWT-bound access, while service-role access is limited to tightly scoped backend operations. Automated RLS regression tests help prevent policy drift.
No model training on customer content
We do not use your organisation's documents, prompts, or generated answers to train, fine-tune, or improve foundation AI models.
Retrieval-augmented generation is used to answer questions from your indexed knowledge. Prompt and response handling follows our governance controls described in the Privacy Policy.
Controls
Control framework
Identity and access controls
Managed authentication, optional multi-factor protection, role-based authorisation, and session lifecycle controls help ensure only approved users can access tenant resources.
Application and API hardening
Strict CSP, per-request script nonces, server-side validation, and structured error handling reduce common attack vectors and limit internal detail exposure.
Operational governance
Service-role access is restricted to tightly scoped server workflows. Normal product operations use JWT-scoped access so row-level policies are always applied.
Infrastructure and data handling
Traffic is encrypted in transit using TLS. Data at rest is protected through managed encryption controls in our database and object storage layers. Session cookies are HTTP-only and secure in production environments.
We rely on established cloud providers for hosting and core infrastructure. AI providers process prompts, relevant document excerpts, and completions to generate responses, under contractual data handling safeguards.
For a high-level list of provider categories, see our Privacy Policy. Named subprocessors are available by request under contract.
Responsible disclosure
If you identify a possible vulnerability, email hello@example.com and include:
- A concise summary of the vulnerability and likely impact.
- Reproducible steps, including affected endpoints or URLs.
- Any supporting evidence that assists triage.
- Your preferred attribution name, if credit is requested.
We ask for a reasonable remediation window before public disclosure. Good-faith researchers who act to protect confidentiality and service availability are treated with respect.