Security & privacy

Your data is yours. We build Autographical around that promise from the ground up: in how we store, process, and protect everything you entrust to us.

Principles

Evolution

Data activation technologies and norms are rapidly evolving to adapt to the emerging capabilities of AI. Autographical is at the forefront of that evolution, and is helping to craft best practices that work for everyone.

Balance

The more context AI systems have, the better they are able to perform. Ambient collection is effortless, but it's also more permissive by default. We're striving to build a system that navigates these tradeoffs confidently.

Security by design

Autographical is a state-of-the-art data platform, with inherent immutability, governance, and security by design characteristics. We're bringing advanced data technology to every individual and the AIs they use.

Ownership

We believe individuals and teams should be able to benefit from consuming digital information as much as the providers serving it. We're navigating the frontiers of knowledge graphs, long term memory, augmented cognition, and delegated access to AI.

Commitments

Your data belongs to you

We never sell, share, or use your data to train models. You can export or delete everything at any time. Full data portability is a feature, not an afterthought.

Private by default

Your knowledge graph, activity stream, and all collected data are private to you. Nothing is shared with other users, tenants, or third parties unless you explicitly choose to.

Responsible collection

You control which browsers, devices, and tools are connected, and can pause or disconnect any source at any time.

Enterprise-grade infrastructure

Encryption

Encrypted at rest and in transit

AES-256 at rest, TLS 1.3 in transit. Industry-standard key management.

Isolation

Tenant isolation

Strict logical isolation and access controls across all tenant boundaries.

Residency

Data regions

Choose where your data is processed and stored based on personal preference and to meet local compliance requirements.

Access

Audit logs

All collection and access is tightly scoped, logged, and available for review.

Compliance

Meeting industry standards to continuously improve.

SOC 2 Type II (coming soon)

We are pursuing SOC 2 Type II readiness to independently verify our security controls, availability, and confidentiality practices.

Sub-processors

We maintain a transparent list of sub-processors and notify customers of any changes. All sub-processors are continuously vetted for their security and privacy practices.

Responsible AI

AI that works for you.

No training on your data

Your data is never used to train foundation models — ours or anyone else's. AI features in Autographical operate on your data solely to serve you.

Transparent processing

When we use AI to collect, organize, or enrich your knowledge graph, we are clear about what is being processed and why. You stay in control.

Device-local options

We're working to provide as much on-device local capability as possible — without giving up the intelligence that makes Autographical useful.

Questions or concerns?

We realize security, privacy, and trust are dynamic and personal. We're always looking to chat, learn, and improve from our users, peers, and industry. Let's get in touch!