Security & trust

Trusted AI infrastructure, built on transparency.

FounderOS is your personal operations cockpit, but it sits on the same askKira governance backbone as every other product we ship. The canonical security and infrastructure statement is below; the full set of policies + templates lives in the askKira Governance Hub.

The full picture

askKira Governance Hub

Every askKira product — FounderOS, Mosaic PD, Classroom Companion, Talkology — is governed by one shared backbone: privacy policy, DPA, DPIA, cookie policy, terms, AI policy templates and risk-assessment templates. All live in one place, kept canonical, dated and downloadable.

Open the Governance Hub
Compliant
UK GDPR · Article 28
Full contractual data protection. Signed DPA available on request.
Verified
UK data residency
All processing within the UK on AWS London (eu-west-2).
Certified
Cyber Essentials & ISO 27001
Cyber Essentials certified. Built to ISO 27001 information-security principles.
Registered
ICO Registered
Public Sector Analytics Limited · Co. No 14889377 · ICO ZB622646.

Zero model training on customer data

Nothing routed through Founder OS is used to train any AI model that benefits another customer.

"No user-submitted data is used to train any language models, nor is it shared externally or made viewable by any third party."

Single-user authentication

Founder OS is a personal cockpit. One password (set via FOUNDEROS_PASSWORD env var) gates the entire app. Sessions are HMAC-signed cookies, HttpOnly, SameSite=Lax, Secure-in-production. CSRF tokens validate every form submission. Five failed login attempts from an IP triggers a 15-minute lockout.

Encrypted in transit and at rest

TLS for every connection (Let's Encrypt). At-rest encryption on the hosting volume. Role-based access controls and MFA on every infrastructure surface. API keys (Anthropic, Brave) live in environment variables, never on disk.

Atomic writes

Every data file write — agents.json, pipeline.json, per-agent KPIs, drafts, send logs, audit log — uses a write-temp-fsync-rename pattern. A crash mid-write leaves the old file intact, never a half-written target.

Audit log

Security-relevant actions (sign-in, sign-in failure, lockout, sign-out, pipeline mutations, agent run, agent delete) are written to a separate append-only NDJSON file at data/audit.log. Passwords, API tokens and request bodies are never logged.

72-hour breach notification

If a data-protection incident is detected, affected parties are notified within 72 hours of discovery with the minimum context required to exercise their obligations under UK GDPR Article 33.

Sub-processors

Sub-processorPurposeRegion
Amazon Web ServicesPrimary hosting and storageUK (eu-west-2)
AnthropicLLM API · no training on customer dataAPI endpoint
Brave SearchWeb discovery (Researcher agent)API endpoint
Google WorkspaceGmail/Calendar integration (founder-owned account)EU
CloudflareEdge security / DDoS mitigationGlobal edge

Registered entity

Legal namePublic Sector Analytics Limited
Trading asaskKira
Company number14889377
ICO registrationZB622646
Data Protection Officerdpo@askkira.com
Security disclosuressecurity@askkira.com