Security & Trust
DelegateZero is conservative by design.
It would rather interrupt you once than act wrong silently.
The short version
DelegateZero acts as your judgment proxy. That means it needs access to context that matters to your business - policies, past decisions, entity information. We take that seriously.
Your data is stored encrypted at rest and in transit. It is never used to train models. You can export or delete everything at any time. When DelegateZero isn't confident, it escalates - it doesn't guess. The system is built to be auditable by design, not as an afterthought.
If you're the technical co-founder evaluating this for your team, the details are below. If you're the non-technical co-founder who just needs to know it's safe - the answer is yes, and here's why: the whole product is built around the assumption that acting wrong silently is worse than asking.
Data architecture
What's stored, where, and for how long
Curated context
Policies, precedents, playbooks, entities, and templates you add manually. Stored in your account, retained until you delete them. Never shared across accounts.
Memory
Automatically recorded from every decision: the outcome, confidence score, whether you overrode it, and correction events. Retained for 90 days by default. You can configure retention or delete specific records.
Decision audit logs
Every decision includes a permanent audit record - the context used, the reasoning, the confidence score, and the outcome. Audit logs are not deleted when you delete other context. They are your record of accountability.
Request payloads
The input to each decision request - the message, context passed inline, and any instructions - is stored with the audit log. Payloads are encrypted at rest and never exposed to other accounts.
Who can access your data
You and your account users. DelegateZero engineering staff have no routine access to production data. Access for debugging requires explicit authorization and is logged. We do not sell or share your data with third parties.
Model providers
DelegateZero uses OpenAI for reasoning. Request payloads are sent to OpenAI to generate decisions. OpenAI's zero-data-retention (ZDR) policy is in effect for API usage - inputs and outputs are not stored or used for training by OpenAI.
Your context and decisions are never used to train models - not ours, not our providers'.
This is not a footnote. It's the policy. Your judgment belongs to you.
Technical security
Encryption, transport, and access
Encryption at rest
All stored data is encrypted at rest using AES-256. This includes context, decisions, audit logs, and user data. Encryption keys are managed separately from data storage.
Encryption in transit
All communication between your systems and DelegateZero is encrypted via TLS 1.2+. API endpoints enforce HTTPS. Unencrypted connections are rejected.
API authentication
API keys are hashed before storage using bcrypt - the raw key is shown once at creation and never again. Keys can be rotated or revoked at any time from your dashboard.
Session security
Sessions use strict mode with HttpOnly, Secure, and SameSite=Lax cookies. Session IDs are regenerated on login. CSRF tokens are required on all state-changing requests.
Privacy compliance
Memory under GDPR and CCPA
Memory is the most sensitive part of DelegateZero - it's a continuous record of how your organization actually makes decisions. Here's how it works under privacy law:
Export everything
You can export your full context and memory at any time from settings. Export formats include JSON. Your data is yours - you should be able to take it with you.
Delete on request
You can delete specific memory records, entire context categories, or your full account at any time. Deletion is permanent and propagates to backups within 30 days per our retention schedule.
Data residency
Data is stored in US-based infrastructure by default. If you have specific residency requirements, contact us - we're building for enterprise compliance and will support your jurisdiction.
Designed for trust
Why escalation is a security feature
Staleness detection
DelegateZero flags when it's operating on context that may be outdated. Silent drift - when a system acts confidently on stale information - is one of the most common failure modes in automation. We surface it instead of hiding it.
Escalation-first posture
When in doubt, DelegateZero asks. It never guesses its way through ambiguity to avoid an interruption. An escalation with context is more valuable than a silent wrong answer.
Confidence thresholds you control
You set the confidence floor. Below it, decisions escalate - no exceptions. You can raise the threshold as DelegateZero builds a track record with your context. Autonomy is earned incrementally.
Audit URL on every decision
Every decision generates a permanent audit URL. You can share it with the person who submitted the request, your team, or your legal team. It shows exactly how the decision was made - the context used, the rules applied, the confidence score.
Compliance roadmap
Where we are and where we're going
Is DelegateZero SOC 2 certified?
SOC 2 Type II is on our roadmap. We're building with SOC 2 controls in mind from the start - access logging, encryption standards, and data handling policies that map to Trust Services Criteria. We'll publish our certification status when it's complete. If SOC 2 is a blocker for your procurement process, contact us - we can often provide a security questionnaire response in the interim.
Do you have a security disclosure process?
Yes. If you discover a security vulnerability, email security@delegatezero.com. We'll acknowledge within 24 hours, investigate, and keep you updated. We don't pursue legal action against good-faith security researchers.
Can I run a penetration test?
Yes, on your own account data. Contact us before running any test so we can coordinate and ensure your test doesn't affect other accounts. Unauthorized testing against shared infrastructure is not permitted.
Questions about security?
We'll answer them directly.
Security questions deserve direct answers, not marketing language. If you're evaluating DelegateZero for your team and have specific concerns, reach out and we'll respond substantively.