We enforce "Security by Design" at the database, application, and AI layers.
We enforce strict logical separation via Postgres RLS policies. Every database query—including Vector Search—automatically filters by your org_id at the engine level, making cross-tenant data access mathematically impossible.
All agent outputs are anchored in "Today's Date" and your specific GTM DNA context to prevent hallucinations.
Agents operate on a "Least Privilege" basis. They cannot spend budget or send emails without an explicit scoped token.
LLM Context Windows are ephemeral. We do not use your data to fine-tune shared foundation models (e.g., Gemini 2.0 Flash).
We use Supabase Auth for secure identity management, supporting Magic Links and Social Login (Google). All sessions are JWT-encrypted.
Data is encrypted at rest (AES-256) and in transit (TLS 1.3). API Keys for third-party tools are stored in a separate encrypted vault.
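
A minimal sketch of the tenant isolation described above, where an RLS policy on org_id also constrains vector search. This is an added example, not this product's schema or code: the table `doc_chunks`, the role `app_user` and the session setting `app.org_id` are hypothetical. It assumes Postgres with the pgvector extension available and is run by an administrator.

```sql
-- Added example: doc_chunks, app_user and app.org_id are hypothetical names.
CREATE EXTENSION IF NOT EXISTS vector;

CREATE TABLE doc_chunks (
    org_id    uuid      NOT NULL,
    content   text      NOT NULL,
    embedding vector(3) NOT NULL  -- 3 dimensions only to keep the sample short
);

ALTER TABLE doc_chunks ENABLE ROW LEVEL SECURITY;
-- Without FORCE, the table owner is exempt from the policy.
ALTER TABLE doc_chunks FORCE ROW LEVEL SECURITY;

-- USING filters the rows a query can see; WITH CHECK rejects writes that
-- carry another tenant's org_id. An unset app.org_id yields NULL, so the
-- comparison is never true and no rows match (fails closed).
CREATE POLICY tenant_isolation ON doc_chunks
    FOR ALL
    USING      (org_id = current_setting('app.org_id', true)::uuid)
    WITH CHECK (org_id = current_setting('app.org_id', true)::uuid);

-- Superusers and BYPASSRLS roles skip every policy; the app role has neither.
CREATE ROLE app_user NOLOGIN NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT ON doc_chunks TO app_user;

-- Constructed sample data: one row per tenant.
BEGIN;
SET LOCAL ROLE app_user;
SET LOCAL app.org_id = '11111111-1111-1111-1111-111111111111';
INSERT INTO doc_chunks VALUES
    ('11111111-1111-1111-1111-111111111111', 'tenant A notes', '[1,0,0]');
SET LOCAL app.org_id = '22222222-2222-2222-2222-222222222222';
INSERT INTO doc_chunks VALUES
    ('22222222-2222-2222-2222-222222222222', 'tenant B notes', '[0,1,0]');
COMMIT;

-- Tenant A searches near [0,1,0]. Tenant B's row is the nearest vector in the
-- table, but the policy's USING clause excludes it from tenant A's query.
BEGIN;
SET LOCAL ROLE app_user;
SET LOCAL app.org_id = '11111111-1111-1111-1111-111111111111';
SELECT content, embedding <=> '[0,1,0]' AS cosine_distance
FROM doc_chunks
ORDER BY embedding <=> '[0,1,0]'
LIMIT 5;
COMMIT;
```

When reviewing a deployment like this, check which roles own the table or hold `BYPASSRLS`, since queries issued under those roles are not subject to the policy.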