SECURITY
Your code and docs,
handled like code and docs.
Workspace isolation
Every customer runs in an isolated workspace. Repository clones, knowledge-base embeddings, agent prompts, and generated outputs live inside that workspace only. No cross-tenant access paths exist at the platform layer.
Data ownership
Outputs the platform produces — tutorials, triage reports, outreach sequences, videos — are licensed to you. Your code and docs are never added to any training corpus, shared with third parties, or reused across workspaces.
Deletion and exports
Cancel the subscription and every workspace, repo clone, embedding, and output is destroyed within 30 days. Export requests (JSON + artifacts) return within 72 hours. No hidden archives, no "soft delete" retention.
Third-party model providers
The platform calls Anthropic (Claude Agent SDK, Claude Sonnet 4.6) and OpenAI (TTS for Vox) under Zero-Data-Retention agreements. Prompts and completions are not logged by the providers for training. A full subprocessor list is available in the DPA.
Compliance posture
SOC 2 Type II is on the roadmap. In the interim: DPAs and EU Standard Contractual Clauses available today on request (daria@gtm-labs.co). GDPR and CCPA data-subject requests honored within the regulatory timelines.
Reporting an issue
Found a vulnerability? Email daria@gtm-labs.co with details. We acknowledge security reports within one business day.