Security & Data Handling
Your data stays yours.
AI in production means AI touching real systems and real data. Here is exactly how we handle that — in plain English, before your security team asks.
The Principles
Six rules every engagement runs on.
01
Your environment first
Wherever possible, systems are built inside your cloud accounts, your tenant, your repositories. We hold credentials you grant, scoped to the workflow — and you can revoke them at any time.
02
Least-privilege access
We ask for the minimum access the workflow needs, named per system and per person. No shared logins, no standing admin rights, no access that outlives its purpose.
03
No training on your data
Production systems use enterprise API tiers from model providers such as Anthropic and OpenAI, whose terms exclude API data from model training. Your data prompts the model; it does not teach it.
04
Human-in-the-loop by design
Agents act within controls your team defines: approval gates on consequential actions, escalation paths for exceptions, and audit trails on every run. Autonomy is earned per workflow, never assumed.
05
Encryption as table stakes
Data encrypted in transit (TLS 1.2+) and at rest across every system we deploy or operate. Secrets live in managed vaults, never in code or documents.
06
Clean offboarding
When an engagement ends: access revoked, credentials rotated, working copies deleted, and everything — code, documentation, runbooks, decision logs — handed over. You own it all.
The Data Lifecycle
Scoped in writing, start to finish.
Before we start
Mutual NDA as standard. A data processing agreement when personal data is in scope. Access is scoped in writing before anything is granted.
During the engagement
Work happens against your systems under the access you granted. Sample data used for development stays within the engagement environment. We keep a written log of what we can touch and why.
After launch
The system runs in your environment under your controls. Our operational access during The Adoption Mile™ is read-and-tune, reviewed with your owner, and wound down as your team takes over.
Straight Answers
What security teams ask us.
Are you SOC 2 certified?
ClearForge is a senior-led boutique, not a certified data center — and we do not claim otherwise. Our engagement controls are built to align with SOC 2 principles (access management, encryption, change control, incident response), the heavyweight infrastructure lives with certified providers you already trust, and we complete security questionnaires and reviews with your IT team as part of scoping.
Which AI providers touch our data?
Only the ones scoped for your build, under enterprise API terms that exclude training on your data. Model choice is part of the diagnostic — including deploying within your existing cloud agreements (AWS Bedrock, Azure OpenAI, Google Vertex) when that is where your governance already lives.
Can our IT and security team review before we commit?
Yes — we would rather answer hard questions before the build than after. Security review is a standard part of the Forge Diagnostic, and your team keeps veto power over every access grant.
Bring your security team to the first call.
Seriously — we would rather answer the hard questions on day one. Or write to james@clearforge.ai and we will respond within one business day.