[01] / Trust

How we handle your code,
data, and clients.

We're a senior consulting team. We're not a SOC 2-audited platform. For regulated workloads we operate inside your audit boundary — your access controls, your evidence trail, your sub-processor list. Here's exactly how that works.

1. [01]

   Confidentiality

   NDAs are routine — ours is a single page, yours works too if reasonable. Client identities, source code, and data stay private by default. We list named clients only with written permission.

   • ✓ Mutual NDA on file before substantive scope discussion
   • ✓ Per-engagement BAA when PHI or regulated data is in scope
   • ✓ Engineers sign individual confidentiality + IP-assignment agreements
2. [02]

   Code & repo access

   Your team owns the repository from day one. We commit, branch, and PR inside your access boundary, not ours. No mystery hand-off later.

   • ✓ You provision access — we work in your GitHub/GitLab/Bitbucket org
   • ✓ Per-engineer SSH keys, no shared credentials
   • ✓ Hand-off includes runbooks, architecture docs, and recorded walkthroughs
3. [03]

   Data handling

   Production data stays in your environment. We read it through your access controls and never copy it to ours. For ML training, we operate on data residing in your cloud account.

   • ✓ Encryption at rest + in transit using your existing keys
   • ✓ No third-party storage of customer data
   • ✓ Audit-friendly logging for every access event
4. [04]

   Compliance posture

   We're a senior consulting team, not a SOC 2-audited platform. For regulated workloads we operate inside your audit boundary — your controls, your evidence trail.

   • ✓ HIPAA-aware engineers; BAA signed when PHI is in scope
   • ✓ PCI-DSS-aware engineers for payment work
   • ✓ GDPR-conscious data flows for EU clients
   • ✓ ISO 27001 / SOC 2 not held in-house — we work inside yours
5. [05]

   AI tooling discipline

   We use AI tools heavily in our own work. We do not feed your private code, data, or PII to third-party APIs without explicit written approval and a configured retention contract.

   • ✓ On-prem or dedicated VPC inference for any client material
   • ✓ Zero-retention API contracts where the model vendor offers them
   • ✓ Logging + eval harnesses owned by your team, not us
6. [06]

   What we won't do

   We turn down work that would compromise these. It saves everyone time — and earns our honest yes elsewhere.

   • ✓ No subcontracting to anonymous offshore teams
   • ✓ No client data uploaded to consumer LLM products
   • ✓ No "we'll fix the security later" sprints
   • ✓ No engagements without a clear written scope
7. [07]

   Liability & continuity

   For replacement-class engagements (NetSuite-scale ERPs, payment systems, anything carrying real operational risk), we operate with formal liability cover and a continuity plan you can verify in writing.

   • ✓ $2,000,000 professional liability + errors-&-omissions insurance · certificate on request
   • ✓ $2,000,000 general liability · COI nameable to your entity
   • ✓ Code escrow available via Iron Mountain or NCC Group — agent of your choice
   • ✓ Every engagement gets a primary lead + named backup with shared context (ADRs in your repo)
   • ✓ On replacement engagements we document architecture decisions weekly so any senior engineer can pick up the thread

• → Master Services Agreement (DK template — or we sign yours if reasonable)
• → Mutual NDA
• → Statement of Work (per engagement, fixed-fee or fixed-bid)
• → Certificate of Insurance — naming your entity
• → Business Associate Agreement (when PHI is in scope)
• → Data Processing Agreement (when EU subjects are in scope)
• → Code escrow tri-party agreement (replacement engagements)
• → Two referenceable past clients (introductions made in writing after qualifying call)