Security and trust
Designed for source-backed work that still needs human approval.
The workspace is built around tenant-scoped data, explicit source scope, reviewable answers, and export trails. We avoid broad compliance claims unless they are covered by a signed customer agreement.
Tenant isolation
Workspace data is scoped to the authenticated tenant and organization attached to the user session. Public pages do not expose workspace content.
Scoped sources
Answers are grounded in selected project sources. If the right source is missing, the workspace should say what is missing instead of filling the gap.
Approvals and exports
Approval-aware actions and exports keep evidence attached to the review path so teams can inspect what supported the answer.
What we will not claim on a public page
No automatic legal, credit, insurance, employment, or compliance determinations.
No claim that missing documents were reviewed.
No unsupported SOC 2, HIPAA, PCI, or regulatory certification claims.
No cross-customer training or publishing of customer workspace data from public flows.
Security review next step
Bring a representative packet, the approval path, and any required export or audit trail. We will map the source boundaries before asking you to subscribe.