Security

Decision records, milestones, and outcome reviews are stored with append-only change history. Finalized decisions are immutable; updates create new versions so audit trails are preserved.

Access to workspaces and shared views is controlled by roles and invitations. Enterprises decide what to share and with whom.

All traffic between your browser and our services uses TLS. Data at rest is stored in secure, access-controlled environments. Credentials are hashed; we do not store plain-text passwords.

You own your data. Diagnostic inputs, decisions, and execution artifacts are yours. Sharing with partners (e.g. portfolio view) is opt-in and scoped. We do not use your decision or execution content for marketing.

For capital partners: visibility is granted only when an enterprise invites you; you see only what they choose to share.

We use industry-standard hosting and access controls. Access to production systems is limited and logged. We respond to security issues in line with our incident response practices.