Security & AI safety

• Least privilege. Code paths, vendors, and humans get the narrowest access that lets the work happen.
• Tenant isolation by default. One customer’s data is never visible to another customer’s agent.
• Customer data is not training data. We do not train foundation models on customer conversations.
• Crisis paths are protected code. Files that handle suicide, abuse, threat, or domestic-violence detection are gated by CODEOWNERS and require careful review on every change.
• Honest about what we are. We are a small, focused team. We will tell you what we do well and what we are still building.

• Application hosting: Vercel (US-East).
• Database: Supabase (Postgres, US-East), with Row Level Security on customer-data tables.
• Voice infrastructure: LiveKit Cloud, with Telnyx and Twilio as telephony providers.
• Email: Resend for transactional delivery.
• Payments: Stripe (PCI DSS Level 1). We never see, store, or transmit raw card numbers.

• TLS 1.2+ in transit on every public endpoint, with HSTS preload.
• AES-256 at rest on application data, managed by our infrastructure providers.
• Application secrets stored in Vercel encrypted environment variables and provider-managed secret stores. No secrets in source control.

• Production infrastructure access is single-operator (the founder) with multi-factor authentication on every console.
• Customer admin dashboards use token-based auth plus a 7-role RBAC system (admin, office admin, pastoral, prayer, care, treasurer, volunteer-coordinator).
• Pastoral and financial data are gated by separate role checks at both the API and UI layers.
• Audit-relevant actions (subscription changes, knowledge writes, role changes) are logged.

The verticals we operate handle sensitive conversations. Safety is not bolted on; it is a core design constraint.

• HEAR protocol — every customer-facing agent (voice and chat) is instructed to Hear, Empathize, Affirm, Respond. The protocol is enforced in system prompts and exercised in our test suites.
• Crisis detection — keyword and intent classifiers run before the language model on every turn. Suicide, abuse, threat, and domestic-violence signals trigger a guarded response path.
• Pre-LLM moderation — abuse and threat patterns are intercepted before they reach the model.
• Pastoral connect — the chatbot redirects sensitive doctrinal, political, or affirming-care questions to a real human at the customer organization rather than improvising an answer.
• Crisis-protocol files are protected paths. Changes require reviewer approval and pass a coverage check on every pull request.

• Each customer is a tenant with its own configuration, knowledge base, prompts, and voice agent profile.
• One agent serves all tenants in a vertical, but per-tenant data is loaded at session-init time and isolated to that session.
• Row Level Security on customer-data tables prevents cross-tenant reads even in the event of an application bug.

Our subprocessors process customer data only to deliver their service:

• Anthropic — primary language model inference.
• OpenAI — fallback / specialty inference.
• Google — secondary fallback for voice.
• Deepgram — speech-to-text on voice calls.
• Cartesia — text-to-speech on voice calls.
• LiveKit — voice / WebRTC infrastructure.
• Telnyx, Twilio — telephony.
• Vercel — application hosting and analytics.
• Supabase — managed Postgres and storage.
• Stripe — payments.
• Resend — transactional email.
• Cal.com — meeting scheduling.

Each operates under enterprise terms that prohibit using API traffic to train foundation models.

• Production-impacting incidents page the founder within minutes of detection.
• Customer-impacting incidents trigger written notice to affected customers, with our current target of within 72 hours of confirmation.
• Post-incident, we publish a brief written summary covering what happened, customer impact, root cause, and what changed to prevent recurrence.

We are pre-SOC-2. We follow the controls SOC 2 requires (encryption, access control, change management, monitoring, incident response) and we have begun the evidence-collection work to formalize them.

• SOC 2 Type 1 — target 12 months out from initial commercial-vertical launch.
• HIPAA-readiness — under evaluation for verticals that touch PHI (some funeral and clinical-adjacent use cases).
• PIPEDA / GDPR — applied today to data-subject access, correction, and deletion requests.

If you are doing vendor due diligence and need a security questionnaire returned, email security@wiseaiagency.com.

If you believe you have found a security vulnerability, email security@wiseaiagency.com with reproduction steps and any affected URLs. Please give us a reasonable window to investigate and fix before any public disclosure. We acknowledge reports within three business days.

We do not currently run a paid bounty program but we are happy to credit researchers in our published acknowledgments page when invited to do so.