Security and confidentiality, taken seriously.
We work the way a firm handling your numbers should — contained, auditable, and accountable. Here’s how.
Contained by default
Rob is file-based and contained: your data lives inside its engagement boundary and nothing reaches out of it unbidden. A guard rail blocks any write that would resolve outside the work area — containment is enforced, not promised.
Per-engagement isolation
Every client engagement is its own world — its own data, its own working space, its own credentials. Secrets live in the environment, never in files; one client’s facts never enter another client’s analysis.
Provenance & audit trail
Every analysis is traceable: the bearing it was run on, the query, the joins and fan-out checks, the exclusions, and the version history. Git is the audit trail. A number presented is a number you can trace back to how it was made.
Human-in-the-loop
An adversarial verification gate sits between the model and the decision, and a named human principal reads the work and signs off. No black box reaches the board unread.
How we handle your data
We treat your data as something to be protected, not collected. The default is the strictest reasonable handling, relaxed only where you ask.
Data minimisation. We work from the smallest extract that answers the question. Where a demonstration or published artifact is involved, we use synthetic or anonymised data — never real client figures — so the workings can be shown without exposing anything sensitive.
Reproducibility as a control. Because every analysis is provenance-tracked and re-runnable, you (or your own analyst) can audit the method and reproduce the result. Reproducibility-on-demand is “numbers made reliable” made literal — and it is also a security property: nothing is hidden in a black box.
Responsible AI use. The AI does the rigour; a human owns the call. Findings are verified before they’re presented, caveats are disclosed before conclusions, and the principal stakes their name on the result. Graduated autonomy with documented safeguards — the control layer that makes an autonomous analyst safe to engage.
Want the detail?
Happy to walk your security or procurement team through exactly how an engagement is run.
Talk to us →