Security & auditability
These automations touch sensitive workflows. The default stance is least privilege, minimal retention, and auditable behavior.
Data processing
- •Data is processed only as needed to run the workflow you approve.
- •Where processing occurs (your environment vs hosted) is defined per project.
Access controls
- •Integrations use scoped service accounts where possible.
- •Permissions follow least privilege and are reviewed before launch.
Identity-linked logs
- •Actions are logged with identity context (who approved, who triggered, what changed).
- •Logs include timestamps, source, destination, and outcome (success/fail).
Retention
- •Minimum retention window: 60 days for operational troubleshooting and audit trails.
- •Longer retention available if your policy requires it.
- •Uploads are retained for 30 days by default for scoping and then deleted, unless you request otherwise.
Secrets / API keys
- •Stored in a secrets manager or encrypted vault (never hardcoded).
- •Rotatable, scoped, and access-logged.
Human-in-the-loop
- •High-impact actions can require review/approval.
- •Confidence thresholds route uncertain cases to review instead of guessing.
Rollback / disable
- •Every automation ships with a kill switch and rollback plan.
- •If something behaves badly, it stops—immediately.
NDA + redaction
- •NDA available.
- •Redaction guidance provided, and sample retention is minimized by default.