Trust · Data & AI

Powerful AI,
handled responsibly.

Q: Do you have SOC 2 / ISO 27001 / HIPAA certification?

We won't claim certifications we don't hold. As a focused studio we work to the practices described on this page: data minimization, least-privilege access, no training on your data, and human review of consequential actions. If your category requires a specific framework or a signed DPA, raise it on the intro call and we'll tell you honestly what we can and can't meet.

We build and operate AI systems that touch your brand and your data, so how we treat both matters. Plain commitments, no fabricated badges — what we take, how we guard it, and the explicit line on what we will and won't do with AI.

Book the AI Brand Audit · $1,500 Read the privacy policy →

Data: Minimized · yours, not training fuel
Actions: Human-in-the-loop by default
Ownership: What we build, you own
Badges: None we don't actually hold

/01 · Data handling

What we take, and how we treat it.

The whole posture in one principle: hold the least data, for the shortest time, used only for your work. Here is what that means in practice.

We take the minimum, and we tell you what it is

We only ask for the data a given engagement actually needs — your catalog, claims and public brand information for an audit; deeper access only when a build requires it. Before anything sensitive changes hands we name exactly what we need and why, in writing. No vacuuming up everything 'just in case.'

Data minimization · written scope

Your data is used for your work, not as training fuel

What you share is used to do your engagement and nothing else. We do not sell it, we do not hand it to third parties beyond the named tools a project runs on, and we do not feed your proprietary data into model training. Where a vendor model is involved, we use configurations that exclude your content from training.

No resale · no model training

Access is scoped and ends when the work does

Credentials and access are scoped to the people and systems doing the work, and are revoked when an engagement ends or you ask. We'd rather hold less for less time than keep standing access we don't need. You can request deletion of the data we hold at any point.

Least privilege · revoke on request

What we build, you own

The assets we create for you — your brand ontology, your knowledge graph, the systems and the audit roadmap — are your property and are portable by design. They are model- and platform-agnostic so they survive any single vendor and can move in-house whenever you choose. No hostage data, no lock-in.

Your IP · portable · no lock-in

The formal version — categories, retention, your rights — lives in the privacy policy.

/02 · Human-in-the-loop

The AI drafts. A human decides.

Autonomy is the point of what we build — but autonomy without judgment is how AI systems cause damage. So we draw the line at consequence, not at capability.

Our agents do real work: they research, prepare, draft and queue. What they don't do is take an irreversible or outward-facing action on their own — publishing a page, sending a message, anything touching customers or money. Those sit behind a person's approval, every time.

The split is deliberate. Reversible, low-stakes steps can run automatically, because the cost of a mistake is a quick undo. High-stakes steps never do, because the cost of a mistake is real — and "the agent did it" is not an answer you should ever have to give a customer.

/ The rule

If an action is hard to undo or faces the outside world, a human approves it before it happens. No exceptions for convenience. This is the same human-in-the-loop discipline we install in everything we operate.

/03 · Our AI line

What we will and won't do with AI.

A short, explicit list — the kind we'd want from a firm before letting it near our brand. Written plainly so there's nothing to read between.

We will

Ground systems in your real, sourced facts — a brand ontology with provenance — so answers are correct, not just fluent.
Keep a human on every consequential action, with agents drafting and a person approving.
Test with an eval harness so we can prove a change didn't make quality worse before it ships.
Show our work — reproducible prompts, raw outputs, and a roadmap you keep and can check.
Hand you ownership of the assets we build, portable and vendor-neutral by design.

We won't

Train on your proprietary data or sell it — your data does your work and nothing else.
Let an agent send, publish, or spend on its own — irreversible actions wait for a human.
Claim certifications or badges we don't hold — no trust theater.
Ship fluent-but-unverified answers about your products in regulated categories.
Lock your assets inside our tooling — nothing you paid for should be stranded if you leave.

The trustworthy move with powerful AI isn't a longer disclaimer. It's drawing the line at consequence and keeping it.

Our posture, in one line

/ FAQ

Trust questions, answered straight.

Do you have SOC 2 / ISO 27001 / HIPAA certification?

We won't claim certifications we don't hold — putting a fake trust badge on a page is exactly the kind of thing this page exists to not do. As a focused studio we work to the practices described here: data minimization, least-privilege access, no training on your data, and human review of consequential actions. If your category requires a specific framework or a signed DPA, raise it on the intro call and we'll tell you honestly what we can and can't meet.

Will an AI agent ever take an action — send an email, change my site — on its own?

Not on anything consequential. Every irreversible or outward-facing action — publishing, sending, anything touching money or customers — sits behind human approval by default. Agents draft and prepare; a person signs off before it takes effect. Low-stakes, reversible steps can run automatically; the high-stakes ones never do without a human in the loop.

How do you keep an AI system from confidently saying something false about my brand?

Architecturally, not with a disclaimer. We ground systems in your structured, sourced facts — a brand ontology with a provenance layer — so answers come from connected truth rather than improvised text, and we run an eval harness that scores outputs against known-good answers to catch regressions before they ship. Grounding plus evals is how you make "fluent but wrong" rare instead of hoping for it.

What happens to my data and systems if we stop working together?

You keep what we built — it's your IP and it's portable — and we revoke our access and delete the data we were holding on request. Because the assets are model- and platform-agnostic by design, nothing you paid for is stranded inside our tooling. No exit penalty, no hostage graph.

/ Trust, then build

Responsible by default.
Start with the audit.

The $1,500 AI Brand Audit needs only your public brand information to deliver real value — the lowest-stakes way to see how we work before any deeper access is on the table.