Back to Home

Security & Trust

We take data security and client confidentiality seriously. Here is exactly how we handle your data during an engagement.

Data access is scoped and time-limited

We access only the systems and data required for the defined engagement scope. Access is revoked at engagement closeout. No standing access to any client system.

Data is not retained after the engagement

All client data collected during an engagement is deleted within 30 days of closeout. We do not retain samples, snapshots, or derived data beyond the retention period.

Analysis is conducted manually

All intelligence analysis is currently conducted by senior engineers using isolated, non-networked analysis environments where possible. No client data is used to train models or improve automated systems.

Deliverables are confidential

All deliverables are treated as confidential client information. We do not publish case studies, reference engagements, or cite specific findings without explicit written approval.

No telemetry or monitoring

We do not install agents, deploy monitoring, or add telemetry to your systems. All analysis is performed on data you provide through existing exports, access, or documentation.

NDA and contractual protections

All engagements commence under a mutual NDA. Data processing, confidentiality, and liability terms are defined in the Statement of Work before any work begins.

Important note

We are not a SOC 2 or ISO 27001 certified organisation. We are a small engineering consultancy. If your procurement requires formal certification, we may not be the right fit. We are transparent about this because trust requires honesty — not compliance badges.

Have questions about data handling?

Contact us to discuss your specific security requirements before the engagement.

Security & Trust | Engineering Intelligence | Anystack Engineering