Security

Trust as a contract, not a slogan.

This page explains how your data is handled, how review is enforced, and how your team stays in control. If a question is not answered here, ask us directly.

Deployment modelYour boundary first
Review postureNamed approval required
Audit postureAppend-only export

Data handling

Your data stays yours.

unikode reads and writes inside your firm's storage and identity boundary. Training usage, access control, retention, and deletion are declared rather than implied.

Ownership

Your data · your tenancy

Source materials and deliverables stay where your firm already stores them.

Training usage

No training on your content

Inputs and outputs are not used to train a shared model corpus.

Access control

Scoped to your directory

Access maps to your existing roles instead of relying on a parallel user directory.

Audit export

Append-only, readable

Activity trails can export as structured records for your existing audit tools.

Retention

Firm-defined, reviewable

Retention windows are set with the engagement and can be reviewed at any time.

Deletion

Honored on request

Deletes propagate through derivative artifacts and the supporting retention schedule.

Review

Nothing publishes without sign-off.

Every deliverable surfaces to a named human before it leaves the workspace. Approval is a workflow step, not a preference toggle.

You direct. The system executes. You approve. Drafts stay drafts until a reviewer signs off.

Regulated-domain specifics remain explicit: legal drafts are for attorney review, finance drafts are for review, and clinical surfaces require clinical review.

Controls

Policies, quality checks, immutable history.

Controls are enforced at the workflow layer, not pushed onto the user at runtime.

Policies

Versioned and reviewable

Delivery rules are explicit artifacts that change through review, not through silent prompt drift.

Quality checks

Block before review

Format, source, and scope checks run before a draft reaches the reviewer's queue.

History

Append-only trail

Draft history and review state remain recoverable instead of being overwritten.

Always true

Five things that remain true in every engagement.

01

No autonomous release.

Every deliverable is reviewed by a named human before it leaves the workspace.

02

Your data stays in your boundary.

The default deployment posture keeps storage and access inside your existing environment.

03

Every action is recorded.

Operators, reviewers, and workflow steps leave an exportable history.

04

Training usage stays bounded.

Client content is not folded into a shared training corpus.

05

Provenance travels with drafts.

Reviewers can see what the system used and why it surfaced the draft.

06

Deletion is honored.

Retention and deletion stay reviewable instead of being left to guesswork.

Start

Due diligence questions welcome.

Start a pilot