Security

Your data, your scopes, your call.

Brain is a tool you connect to your own accounts. It reads only what you authorise, stores only what is necessary, and lives in EU infrastructure you can audit.

Principles

Five promises behind the product

If we ever break one of these, the right answer is to tell you β€” not to hide it.

You connect what you want

Brain has no access to your accounts until you click [Connect] in chat. Every integration goes through the vendor's own OAuth consent screen β€” Google, Microsoft, HubSpot, Trello, Slack β€” so the scopes shown are theirs, not ours.

Per-user isolation

Each subscribed user gets a dedicated Google Cloud Run container, a dedicated GCS vault bucket, and a dedicated set of secrets. No shared multi-tenant database for your messages, files, or memory.

EU residency

Containers + vaults run in europe-west1 (Belgium). The dispatcher runs on Lightsail Paris. No data transits to a US-only region unless you explicitly connect a US-only third-party service.

Encrypted in transit and at rest

Every visitor request hits Caddy on TLS 1.3 (Let’s Encrypt). Cloud Run + Cloud Storage encrypt at rest by default with Google-managed keys. OAuth tokens are Fernet-encrypted before they ever touch our database.

Your right to leave

Export your vault as a tarball any time. Cancel from your Stripe portal in two clicks. We delete your container, your vault, your tokens, and your database rows within 30 days β€” and tell you when it's done.

How data flows

One conversation, one user, one container

The architecture is the protection

You should not have to take our word for it. Here is what actually happens when a message hits the bot.

Inbound: only your own messages

When you DM Brain in Slack or Google Chat, the message goes through our Lightsail dispatcher, which signs it with OIDC and forwards it to YOUR per-user container. Other users' messages never pass through your container.

Outbound: only your own data

When Brain reads your Gmail or Drive, it uses YOUR OAuth token. The token lives in Google Secret Manager (or your container's encrypted env), is scoped to what you approved, and never touches another user's container.

Memory: only your own vault

Brain's memory of your conversations lives in a GCS bucket named for you specifically (e.g. nitroxbrain-vault-). Cloud Run mounts it via gcsfuse with IAM policies limiting access to your container's service account.

Logs: redacted and short-lived

Cloud Run logs are redacted of message content by default and retained 30 days. Operational logs (deploys, integration errors) live in Cloud Logging with a separate IAM policy β€” operator-only, audit-trail attached.

OAuth scopes

Brain asks for exactly what it uses

Granular per integration

We don't ask for 'access to your Google account'. We ask for the minimum scopes required for the specific tool you turn on β€” gmail.modify for drafting and labelling, drive.file for files Brain creates, calendar.events for scheduling. The /tools page lists each scope per integration.

Revoke any time, no support ticket

Every OAuth grant can be revoked from the vendor (Google account settings, Microsoft consent page, Slack workspace admin, HubSpot integrations, Trello account). Once revoked, Brain immediately stops being able to read or write that service.

Re-consent on scope changes

If Brain ever needs a new scope to power a new feature, you go through the consent screen again. We never silently expand the grants you already gave.

GDPR

Your data rights, in plain language

Access β€” what we have on you

Ask us via /contact and we ship you a copy of your vault, your conversation history, and the metadata our database holds about you (email, slug, subscription status). Within 30 days, free.

Rectification β€” fix anything wrong

If a fact Brain remembers about you is wrong, tell it in chat ('forget that I prefer X') or open a ticket. Vault edits propagate immediately.

Erasure β€” pull the plug

Cancel from Stripe, then ask us to delete. Containers torn down, vault bucket emptied, OAuth tokens revoked from our side, database rows hard-deleted. Confirmation email when it's done. Hard target: 30 days.

Portability β€” bring it elsewhere

The vault export is a plain tar.gz of Markdown + JSON files. Nothing is locked in a proprietary format β€” you can read it without Brain.

The honest list

What we have β€” and what we don't yet

Marketing pages tend to overclaim on security. Here is the real state.

EU-only data residency

Belgium (Cloud Run) + Paris (Lightsail). No US-region failover yet β€” deliberate choice for EU customers.

OAuth-first integrations

No screen-scraping, no password storage, no IMAP credentials. Every integration goes through the vendor’s own OAuth flow.

Encrypted secrets

Slack bot tokens Fernet-encrypted in Postgres. API keys in Secret Manager. OAuth tokens in per-user encrypted env mounts.

Per-user isolation

One Cloud Run service per user. One vault per user. One set of secrets per user. No shared multi-tenant memory.

TLS 1.3 everywhere

Caddy + Let’s Encrypt for the public surface. sslmode=require for the Postgres connection. mTLS for Cloud Run ingress.

Operator-impersonation audit log

When the operator reads a user file (e.g. for support), the action is logged with timestamp, actor, target file, reason.

SOC 2 / ISO 27001 β€” not yet

No third-party audit certificate today. The team is small and the cost is high; we may pursue this if enterprise customers ask.

Penetration testing β€” annual, not continuous

Code audited internally on every PR. External pen-test cadence not yet annualised; expect at least one before we open public sign-ups at scale.

Bug bounty β€” not yet

No public bounty program. If you find something, email security@nitroxconsulting.com β€” we will respond within 2 business days and credit you publicly if you want.

Common questions

Security FAQ

Where is my data stored exactly?

Your conversation memory + files Brain saves for you live in a Google Cloud Storage bucket in europe-west1 (Belgium). The Cloud Run container that processes your messages runs in the same region. The Lightsail dispatcher relaying your Slack / Chat messages runs in Paris.

Does NitroxConsulting read my data?

Not casually. Operator access is logged. We can read your vault when YOU ask us to (support ticket, debugging a bot error), or when a court order compels us β€” we will tell you in both cases, the operator-impersonation audit log proves it.

What happens during a breach?

Disclosure within 72 hours per GDPR, to you and to the CNIL (French DPA). The disclosure names: what was accessed, the timeline, what we are doing about it, what you can do.

Do you train AI models on my data?

No. We do not train any model on your data. The third-party LLMs Brain calls (Anthropic Claude, Google Gemini, OpenAI GPT, Mistral) are configured with no-training data-handling agreements β€” each vendor publishes this for their API tier.

Can I delete a single conversation?

Yes. React with πŸ—‘ on a Slack message Brain sent, and Brain forgets the turn β€” your message and Brain's reply are dropped from the session memory and from the Slack history (where Brain is allowed to delete its own messages).

How do I report a security issue?

security@nitroxconsulting.com β€” PGP key available on request. Response within 2 business days. We will keep you informed at every step and credit you on this page if you want.

Security questions worth a call?

Pre-sale or post-incident β€” we'd rather have the conversation than write a fake compliance page.

See every integration & scope
Ask us anything