Security & data posture · v1.0
Last updated 2026-05-07
security · data sovereignty · honest posture
The architecture is the security story.
A factual document for security and procurement teams. We say what we do today, what's available on Scale by agreement, and what's still being built. We do not claim certifications we don't hold or controls we haven't tested. Send questions to security@leedab.com.
Core principle
Customers own their workspace data. We licence the agents that operate inside it.
The "brain" we build with you — every note, decision, conversation, customer record — is your asset. You can export it, fork it, take it elsewhere. The agents that read and write to it are our software, licensed for the duration of the agreement.
This isn't marketing. It's the architecture choice we made first, and it's the reason a lot of what follows is simpler than at companies that route every byte of customer data through their own SaaS-shaped pipes.
Honest posture
LeedAB is an early-stage company. We are not yet SOC 2 certified. We do not hold HIPAA, PCI, or FedRAMP attestations. This document describes the controls actually in place today, what's available on Scale by contract, and what's planned. If your procurement process requires certifications we don't hold, talk to us about Private Deployment — but we won't pretend to a maturity we haven't built.
01
Workspace ownership and portability
- You own your workspace data. 100% of customer-supplied content (notes, documents, conversation history, configurations) is your data. We hold a limited operational licence to read and write it on your behalf for the duration of the agreement.
- Export. Your workspace is stored as Markdown + JSON in a structure you can open with any text editor or Obsidian client. No proprietary lock-in format. Export of customer content and workspace metadata is available on request — typically within 24 hours, no extraction fee.
- Termination. On contract end, we provide a full export, delete from active systems within 30 days, and provide written deletion confirmation. Backups expire on their normal retention schedule (default 30 days) — we'll confirm in writing once they have.
- What stays ours: the agent logic, prompts, orchestration code, integration connectors. These are LeedAB IP, not covered by export.
02
Data flow — exactly what crosses what boundary
A request from your team flows through three components. Here's what happens at each boundary:
[ Your team ]
|
| request via Telegram / web console (TLS 1.3)
v
[ LeedAB orchestrator ] <-- runs in storage region you select on Growth+
|
| reads/writes your workspace (encrypted at rest)
|
| forwards prompt + task-relevant workspace context
v
[ LLM provider — Anthropic primary, OpenAI for specific tools ]
|
| returns response
v
[ LeedAB orchestrator ]
|
| appends action to audit log + (optionally) updates workspace
v
[ Your team ]
What is sent to the LLM provider per request: the user's prompt + the task-relevant context drawn from the workspace. We do not intentionally send the entire workspace upstream for a single request.
Important honesty point: LLM inference, CDN, observability, and payment subprocessors may process data in regions other than your selected workspace storage region. Those regions are listed in section 09. "Region of choice" applies to LeedAB application storage; provider-side inference is governed by your chosen LLM provider's regions and policies.
03
LLM providers and training use
| Provider | Use | Training opt-out | Provider retention (default) |
| Anthropic (Claude) | Primary — agent reasoning | API default opts out of training | Up to 30 days for abuse monitoring; ZDR available under specific contractual arrangements |
| OpenAI | Specific tools — transcription (Whisper), embeddings | API default opts out of training | Up to 30 days for abuse monitoring; ZDR available for qualified customers |
| Local (Private Deployment) | Open-weights model on your infrastructure | N/A — no external provider | Zero external retention |
Provider retention and training-use are governed by LeedAB's contracted provider settings and the specific API features used. LeedAB does not permit customer content to be used for model training where provider controls or contracts allow us to prevent it. ZDR (Zero Data Retention) is implementable for Scale and Private Deployment customers under contractual arrangement; we will not claim ZDR is active on your account unless your specific contract specifies it.
04
Access controls
For your team
- Role-based access per workspace: who can read, write, or operate agents.
- SSO (SAML 2.0 / OIDC): available on Scale tier.
- MFA: required for admin operations on Growth and above.
- Session lifetime: configurable; default 30 days idle, admin-revocable any time.
For LeedAB staff
- No routine access to customer workspaces. Staff do not log in to your workspace as part of normal operations.
- Production access is restricted to a small named set of personnel, requires a documented business justification (typically your support request), and is logged.
- Logged actions are reviewable on Growth and above as part of the customer audit log. We are explicit when we access; we do not silently inspect.
05
Data residency — application storage
Region selections below apply to LeedAB application storage: where your workspace lives at rest. They do not govern LLM inference (handled by provider per section 03) or other subprocessors (section 09).
- Starter: hosted in our default region (currently AWS Sydney ap-southeast-2).
- Growth: region of your choice from our supported set (Sydney, Singapore, Frankfurt, US-East). Customer-isolated tenancy.
- Scale: region of choice + dedicated infrastructure available by contract. Customer-managed encryption keys (CMK) available on contract with prior arrangement.
- Private deployment: runs on infrastructure you own. Mac Mini + NAS appliance, on-prem VM, or your own cloud account. In pilot — current customers are working with us to validate the appliance shape.
06
Encryption
- In transit: TLS 1.3 minimum. HSTS enabled.
- At rest: AES-256 (workspace content + backups + logs). Per-customer encryption keys derived from a customer-isolated keyspace; not shared across tenants.
- Customer-managed keys (CMK): available on Scale by contract (AWS KMS or GCP KMS). Operational overhead applies — we discuss rotation, break-glass, and recovery procedures with you before activation.
- Secrets: integration credentials are stored in a separate secrets layer with restricted operational access, not co-located with workspace content.
07
Retention, deletion, audit
- Retention: customer-configurable. Default 7 years for workspace content; 12 months for audit logs.
- User-initiated deletion: deleted from active systems within 30 days. Backups expire on the normal retention cycle; we provide written confirmation when both have completed.
- Audit log: append-only record of agent actions and authorised staff access, customer-readable on Growth and above.
- Right to erasure (GDPR Art. 17 / CCPA equivalent): supported. Standard SLA 30 days from request; expedited for regulator orders.
08
Backups and durability
We're explicit about what's in place today vs available by contract. We don't promise enterprise-grade RPO/RTO numbers we haven't validated with restore drills.
In place today
- Daily full backup, retained 30 days
- Backup integrity checks daily
- Manual restore tested in-session
- Same-region durable storage (S3, eleven-nines durability)
Available on Scale
- Hourly incremental + daily full
- Cross-region replication (within legal jurisdiction)
- Documented RPO + RTO targets agreed in contract
- Quarterly restore drill, results shared under NDA
Planned
- SOC 2 Type 1 control inventory complete
- Automated DR runbook + on-call rotation
- Independent backup integrity verification
09
Subprocessors
Full current list. We notify in advance of changes; you may object.
| Subprocessor | Purpose | Region | Data accessed |
| Anthropic | Primary LLM inference | US | Per-request prompt + task-relevant context |
| OpenAI | Transcription, embeddings (specific tools) | US | Per-request audio/text |
| AWS | Compute, storage, networking | Customer-selected on Growth+ | Workspace content (encrypted at rest) |
| Cloudflare | CDN, DDoS protection, edge routing | Global | Request metadata only |
| Stripe | Subscription billing | US / AU | Billing details only — no workspace access |
| Sentry | Error monitoring | EU | Stack traces, scrubbed of PII |
10
Compliance posture
We're early. We'd rather be honest about that than overstate.
In place today
- Encrypted transports (TLS 1.3) + at-rest (AES-256)
- Least-privilege access controls + audit logging
- MFA on admin operations
- Operating consistent with GDPR · CCPA · APP (Australia)
- DPA available on request (Growth+)
Available on Scale
- Customer-managed keys (CMK)
- Dedicated infrastructure
- Customer-readable audit log
- Bespoke contract terms (MSA + DPA redlines)
Roadmap (no certifications claimed today)
- SOC 2 Type 1 — control inventory + auditor selection in progress
- SOC 2 Type 2 — follows Type 1
- Vendor security review documentation pack
Not certified: HIPAA, PCI-DSS, FedRAMP, ISO 27001. If your industry requires these, talk to us about Private Deployment where compliance shifts to your infrastructure — we will not claim certifications we don't hold.
11
Incident response
- Detection: automated monitoring on auth, anomalous access patterns, and integration failures. Customer-reported issues triaged within 4 business hours.
- Customer notification: material security incidents notified to affected customers within 72 hours of confirmation.
- Regulatory notification: handled per applicable jurisdiction. For GDPR-relevant incidents we notify supervisory authorities within 72 hours of becoming aware. For Australia's Notifiable Data Breach scheme, we will assess promptly (target completion within 30 days) and notify as required by law.
- Communication: dedicated security@leedab.com mailbox, named technical contact at LeedAB.
- Post-incident: we share a summary with affected customers under NDA within 14 days of incident close.