Security at Personaxis

Building an affective memory layer demands a security posture that treats emotional context as sensitive data. We invest in defense-in-depth controls that grow with the product surface area and continuously audit how they perform in practice.

Infrastructure safeguards

  • TLS is enforced end-to-end; storage systems use encryption at rest with managed keys and rotation policies.
  • Production workloads run in hardened cloud environments with network segmentation, firewall policies, and runtime monitoring.
  • Access to infrastructure requires SSO with hardware-backed MFA, just-in-time approval, and automatically expires when projects conclude.

Application security

  • Code is reviewed by multiple engineers; critical paths run static analysis, dependency scanning, and secret detection on every merge.
  • We separate research prototypes from production services, limiting blast radius and ensuring experimental agents cannot access live user data.
  • Third-party libraries and models are pinned, monitored, and updated on a cadence aligned with vendor advisories.

Data protection

  • Pilot datasets are pseudonymized, audited, and stored in enclaves with access logging and retention caps.
  • Affective embeddings are redacted from support systems and never exported without explicit contractual safeguards.
  • We map controls to frameworks such as NIST AI RMF and ISO 27001 to align with emerging regulatory expectations.

Responsible disclosure

If you discover a vulnerability, please send details to davidq@personaxis.com with the subject line “Security report.” We acknowledge responsible disclosures within two business days and keep you informed as we remediate.

We review the security playbook quarterly, adapt controls as the platform expands, and publish notable updates in our legal and product documentation.