Security.

Your data never stops being yours

Every tool we build is designed around one rule: your donor, client, and program data stays under your control, in your systems, and out of anyone's training set. Here is how we hold that line, and the questions boards ask most.

How we hold the line.

Six commitments behind every build

Never used for training

We build on zero-retention, enterprise AI tiers — never the consumer chatbots. Your data isn't used to train models, and we'll show your board the exact vendor terms in writing.

Least privilege by default

Each tool touches only the data it needs, read-only wherever possible. Scoped access, no blanket admin keys — so a single tool can never reach further than its job.

A human approves what matters

Nothing sends externally or writes to a system of record without a person signing off. Our tools draft; your team decides. The AI never acts on its own.

Built to your compliance regime

We identify which rules apply — HIPAA, FERPA, and the like — before we build, and design to them from the start. Sometimes the honest answer is that data shouldn't go through a model at all.

You own it, and you can switch it off

Every tool runs in your accounts, in standard code. You can revoke access or turn a tool off at any moment — there's no proprietary black box holding your data hostage.

A plain-English data policy

Every tool ships with one page any board member can read: what it touches, where data goes, who can access it, what the AI vendor does with it, and how to switch it off.

Questions boards ask.

The security questions, answered plainly

Working together.

Have a data question before we build?

We take on new clients by referral only — but if we share someone in common, we're always glad to talk through how a tool would handle your data.

Ask for an introduction