Skip to main content
Enterprise-Grade Protection

Security & Privacy

Flexible deployment options designed to meet your organization's security requirements—from cloud-hosted solutions to design-only packages for classified environments

Our Security Approach

We understand that strategic reasoning work often involves sensitive information. Our security architecture is designed with this reality in mind.

End-to-End Encryption

All data transmissions use TLS 1.3 encryption. Data at rest is encrypted using AES-256.

No Data Retention

Your analytical data is processed in memory only. We do not store client data beyond active session requirements.

Access Controls

Role-based access control, multi-factor authentication, and audit logging for all system interactions.

SOC 2 Aligned

Our processes align with SOC 2 Type II requirements for security, availability, and confidentiality.

Deployment Options

Choose the deployment model that matches your security posture and operational requirements

Standard SecurityAvailable Now

Cloud-Based Deployment

Systems hosted on enterprise-grade cloud infrastructure with comprehensive security controls.

  • Managed security updates and patches
  • Automatic backups and disaster recovery
  • Web interface and API access
  • Suitable for most commercial applications
Enhanced SecurityAvailable Now

Design-Only Package

Complete system specifications and architecture documentation for self-implementation.

  • Full technical documentation
  • Implementation guidance
  • Zero data exposure to third parties
  • Deploy on your own infrastructure
Maximum SecurityOn Roadmap

Self-Hosted Solutions

On-premises deployment for environments requiring complete infrastructure control.

  • Air-gapped deployment capability
  • Full source code access
  • Custom security configurations
  • Suitable for classified environments

For High-Security Clients

We recognize that some clients operate in environments where even cloud-based processing with enterprise security isn't sufficient. For these clients, we offer specialized approaches:

OSINT-Only Configurations

Systems designed to work exclusively with publicly available information, suitable for organizations that cannot process non-public data through external systems.

Design-Only Deliverables

Complete system architecture, reasoning frameworks, and implementation specifications without any data processing. Your team deploys on your own secure infrastructure.

Self-Hosted Roadmap

We are developing turnkey self-hosted solutions for on-premises and air-gapped deployments. Contact us to discuss timeline and requirements.

Government & Enterprise

For government agencies and enterprise clients with specific security requirements, we offer:

  • Custom security assessments
  • Tailored compliance documentation
  • Custom NDA and security agreements
  • Dedicated security point of contact
Discuss Security Requirements

Security FAQ

Where is my data stored?

For cloud deployments, data is processed on secure servers located in the United States. We do not retain analytical data beyond active sessions. System configurations and account information are encrypted and stored according to industry best practices.

Can your systems handle classified or sensitive government data?

Our cloud-based systems are designed for unclassified (OSINT) analysis. For classified or sensitive environments, we offer design-only packages where you receive complete system specifications to implement on your own secure infrastructure. Self-hosted solutions for classified environments are on our roadmap.

What about data shared with AI model providers?

We use enterprise API agreements with AI providers that include contractual guarantees against training on client data. For maximum security, design-only packages allow you to implement systems with your own model infrastructure or air-gapped local models.

Do you sign NDAs and security agreements?

Yes. We execute mutual NDAs and can accommodate client-specific security requirements as part of our engagement process. Enterprise clients may require custom security assessments and agreements.

What compliance frameworks do you follow?

Our processes align with SOC 2 Type II principles. We can provide security questionnaires and compliance documentation upon request. For regulated industries, we work with clients to meet specific compliance requirements.

Can I get my data deleted?

Since we do not retain analytical data, there is nothing to delete from processing sessions. Account and configuration data can be permanently deleted upon request with written confirmation within 30 days.

Questions About Security?

We're happy to discuss your specific security requirements and help identify the right deployment approach for your organization.

Contact UsView Services