Operations

Security & data handling

Secrets, RLS, PII, and audit trail.

Secrets

All secrets live in the platform vault. Nothing in code, nothing in logs. Rotated on a 90-day schedule, on demand for any incident.

Isolation

Every client gets its own Postgres schema. RLS policies enforce tenant boundaries at the row level, not just the application layer.

PII

  • Redacted before it reaches the model when not needed for the task.
  • Encrypted at rest (AES-256) and in transit (TLS 1.3).
  • Retention windows are per-workflow and configurable.

Audit

Every workflow run stores: inputs, tool calls, model calls (with token counts), outputs, side-effects, and the user/service that triggered it. Immutable; queryable for 12 months.