SECURITY

The controls in place, stated honestly.

Behavioral Intelligence Engine
Last updated April 2026

Encryption, transport and at rest

All traffic between browsers, API clients, the BIE application and the underlying infrastructure is encrypted in transit using TLS 1.2 or higher. HTTP Strict Transport Security is enabled with a 2-year max-age and the preload flag. Cookies are marked Secure and SameSite=Lax where relevant.

Behavioural data, account metadata and derived intelligence are stored in a Supabase-managed PostgreSQL cluster with disk-level encryption at rest. OAuth tokens, the credentials that let BIE read from connected platforms, are encrypted at the application layer using AES-256-GCM with a per-deployment key held outside the database. The key is required at ingest time and is never serialised into logs, error traces, or telemetry payloads.

Authentication and authorisation

User authentication is delegated to Supabase Auth. Passwords are stored only as cryptographic hashes. Session cookies are HttpOnly, Secure, SameSite=Lax, rotate on privilege change, and are invalidated on logout.

Every database table enforces row-level security scoped to the requesting user’s organisation. API keys are stored as SHA-256 hashes with a twelve-character prefix retained for display; the raw key is shown once at creation and never again. Keys carry scope metadata (read-only, read/write, tool-subset) which is checked on every request. Admin surfaces require an explicit admin role on the requesting user’s profile and are unreachable from ordinary accounts.

Cron endpoints and internal service routes are authenticated with a bearer secret rotated out of band. The BIE team uses single sign-on for access to production infrastructure, and production access is gated on a per-role basis.

Content-Security-Policy and browser hardening

A Content-Security-Policy is served on every response in Report-Only mode initially and enforced once the report is clean. Scripts, connections, frames and form submissions are restricted to an allow-list of origins (Supabase, Stripe, PostHog, Sentry). X-Frame-Options, X-Content-Type-Options, Permissions-Policy and Referrer-Policy are all set. Framing of the application is blocked for both modern and legacy browsers.

Model provider and third parties

Intelligence output is produced by Anthropic’s Claude models. Prompts and responses are processed under Anthropic’s commercial terms; on our tier, no content is retained for training. One customer’s behavioural data is never used to train or fine-tune models for another customer. A full list of subprocessors, what they do, where they process, and links to their DPAs, is at bieintel.com/subprocessors.

Observability

Errors are forwarded to Sentry with PII scrubbed from stack traces. AI calls emit OpenTelemetry spans with token counts and cost metadata; span payloads never include the prompt body. Queue depth, worker heartbeats and cron freshness are tracked internally and surface on the operator-facing platform status page. Optional product analytics (PostHog) only initialises after the user has explicitly consented via the cookie banner.

Data retention and deletion

Raw ingested events are retained for 180 days on a rolling basis. Derived intelligence (signals, profiles, reports) persists with your subscription. Account deletion triggers a 90-day soft-delete window followed by hard deletion and cascade across dependent tables, with an audit-log entry written before the cascade so the trail survives. The retention matrix is documented at Data retention.

Incident response

We treat a security incident as any event that could reasonably compromise the confidentiality, integrity or availability of the Service or its data. On detection of such an incident we:

· contain the incident and stop ongoing harm;
· determine the scope and affected accounts;
· notify affected account holders by email, with a factual description and any required action on their part;
· file any notification required by law with the competent supervisory authority within the applicable window (72 hours under GDPR for personal-data breaches).

Report a suspected incident to security@bieintel.com.

What we have not done yet

We would rather you know. BIE has not yet been through a SOC 2 audit; an attestation is on the roadmap. We do not yet cover HIPAA or FedRAMP. A written, public vulnerability-disclosure policy is being prepared; in the meantime the contact on this page is the canonical channel, and we will not take legal action against a researcher acting in good faith. Penetration tests are run privately on a periodic cadence; a summary can be shared under NDA on request to security@bieintel.com.

Reporting a vulnerability

Write to security@bieintel.com. Describe the issue in enough detail that we can reproduce it. We will acknowledge receipt within two business days and keep you updated as the fix progresses. We do not currently operate a bug-bounty programme; we will thank researchers publicly with consent and credit material findings in our changelog.

Questions about this?

Talk to a person, not a form.

If a clause is wrong, vague, or missing for your situation, write to us. A human reads it and responds.