Security & privacy

The AI sees your question.
Never you.

Every file is encrypted into its own silo, identifying details are stripped before any model call, and nothing you upload is ever used for training. This page is the exact inventory of how.

AES-256

Encryption at rest

TLS 1.3

Encryption in transit

Never

Training on your data

None

Cross-account access

None

Identity sent to providers

Discarded

Context after each answer

your file
AES-256 silo
PII stripped
model
PII restored
you
01

Isolated by architecture

Every account is a sealed silo — no code path lets one account read another's files. Chat context is discarded after every answer.

02

Encrypted everywhere

AES-256 at rest, TLS 1.3 in transit — enforced by default across our Supabase / AWS infrastructure.

03

Anonymized before the model

Names, emails, phones, and ID numbers are stripped before anything reaches an AI model, then restored in the answer. The model reads content, not identities.

never sent — names · contact details · IDs · request headers

04

Anonymous to the provider

Provider fields for user IDs stay empty. No customer ID, no identifying headers — your request looks like anyone else's.

05

Links are vetted first

Every link is resolved before it's fetched. Private and internal addresses are blocked, and each redirect is re-checked.

06

Keys stay with you

Connected-app tokens never touch our database — a breach can't leak keys we never held. Sign-in uses PKCE OAuth with server-side session limits.