Security & Privacy
We treat automation as critical infrastructure. Our security model is built on three pillars: Isolation, Encryption, and Sovereignty.
Credential Isolation
API Keys and Secrets are never hardcoded. They are stored strictly in Environment Variables (ENV) or the platform's encrypted credential vault (e.g., n8n Credentials store).
Execution Sovereignty
We prioritize 'Self-Hosted' or 'Private Cloud' deployments. This means the automation runs on YOUR infrastructure (or a dedicated instance), ensuring data never leaves your control boundary.
Least Privilege Access
We request only the scopes necessary for the task. If we are automating Gmail, we ask for 'Send' permission, not 'Full Account Management'.
No-Log Data Policy
Our logging payloads are designed to capture 'Transaction IDs' and 'Error States' but redact Sensitive PII (Personally Identifiable Information) unless explicitly required for debugging.
The "Kill Switch" Guarantee
Because we build on your accounts (Supabase, Make, n8n), you retain the ultimate power. If our engagement ends, you simply rotate your API keys.
Outcome: We lose access instantly. Your system keeps running.
Common Compliance Questions
Do you store my customer data?
No. We are a "Data Processor," not a "Data Controller." Data flows through our pipes but is stored in your databases.
Who owns the IP?
You do. Once paid for, all workflow JSONs, scripts, and architecture diagrams are your intellectual property.