Security & trust

AI Partners is built to be the governed way your company uses AI — so governance and security aren't a feature tier, they're the architecture.

Your data, isolated

• Every company gets an isolated workspace. Data access is enforced at the database layer with row-level security policies — reviewed, versioned, and audited as code.
• Data is encrypted in transit (TLS) and at rest.
• Role-based access controls who in your company can see and do what — including admin-only surfaces for billing, usage, and governance.

AI without data leakage

• AI models are accessed via commercial APIs (Anthropic, OpenAI) under business terms: your data is not used to train foundation models.
• Agent actions that touch the outside world pass through an audited tool layer with allowlists, and sensitive actions can be held for human approval.
• Every workspace has hard AI spend caps with auto-pause — cost governance is on by default for every company, with no exceptions.

Payments

• Payments are processed by Stripe. Card details never touch our servers.

Infrastructure & subprocessors

• Cloudflare (hosting & network), Supabase (database, auth, storage), Anthropic and OpenAI (AI models via API), Stripe (payments).

Process

• All database schema and policy changes ship as versioned migrations — no untracked production changes.
• We run recurring security sweeps against our own database policies and access paths, with a findings ledger and fixes tracked to closure.
• Production health is independently monitored around the clock.

Questions, security reports, or a vendor review to complete? Write to dave@pmaipartners.ai — a human reads it.