Skip to content

Security

Tenant isolation and zero-knowledge encryption, by design.

Security here is an architecture, not an afterthought — enforced at the database, in every agent’s identity, and on the columns you choose to encrypt end-to-end.

Row-level tenant isolation

Postgres row-level security is enabled and forced on the core tables, so every query is scoped to your tenant at the database — not just in application code.

Zero-knowledge column encryption

Encrypt sensitive columns with AES-GCM and per-user P-256 keys, with owner escrow. We store ciphertext and cannot read the plaintext.

Per-seat agent identity

Every agent seat mints its own scope-pinned token — never a shared master key — so an agent can only touch what it has been explicitly granted.

Hardened auth

Bcrypt password hashing, rotating refresh tokens, and email verification, with an unverified scope until a new account confirms its address.

Encrypted secret columns

Store API keys and credentials in secret columns; plain reads return only whether a value exists, never the value itself.

Private semantic search

Search-by-meaning runs on tenant-local models on our own infrastructure — your content never goes to a metered third-party AI.

On compliance

Honest status

We don’t hold SOC 2 or ISO certifications yet, and we won’t claim badges we haven’t earned. What we can offer today is the architecture above — forced row-level isolation, zero-knowledge encryption, and per-seat identity — plus a Data Processing Agreement on request. If a formal certification is a requirement for you, talk to us about the roadmap.

Security FAQ

Security questions, answered

How is one tenant’s data isolated from another’s?
Postgres row-level security is enabled and forced on the core tables, so every query is scoped to your tenant at the database level — not just in application code.
What does zero-knowledge column encryption mean?
Sensitive columns are encrypted with AES-GCM using per-user P-256 keys, with owner escrow. The platform stores ciphertext and cannot read the plaintext.
Do you have SOC 2 or ISO certifications?
Not yet — we will not claim certifications we do not hold. Instead we lead with the architecture: forced row-level isolation, zero-knowledge encryption, per-seat identity, and a DPA on request.
How do AI agents fit the security model?
Agents are constrained by the same permissions and tenant isolation as people, and each has its own scoped identity — so an agent can only touch what it has been explicitly granted.

Build on a foundation you can read.

Start free and encrypt what matters from day one.