Trust

Security & Data Handling

This page describes how StratEdge Workflow Control stores and processes data today. We aim to be precise rather than aspirational: where something is a roadmap item, we say so.

Last updated: June 2026

Hosting & infrastructure

The application runs on Vercel (serverless, US regions) and stores workflow records in a managed PostgreSQL database provided by Supabase. All traffic between your browser, the application, and these services is encrypted in transit using HTTPS/TLS.

How AI requests are handled

AI features are processed server-side. When you trigger an action (for example, “Generate Summary” or “Flag Risk”), the relevant workflow data is sent from our server to the OpenAI API to produce a response.

  • The OpenAI API key is stored as a server-only environment variable and is never exposed to the browser.
  • Workflow data is sent to the model only when you explicitly request an analysis, not continuously.
  • OpenAI states that data submitted through its API is not used to train its models by default.
  • AI output is advisory. We recommend qualified human review before acting on any AI-generated recommendation.

Secrets & credentials

API keys and database credentials are stored as environment variables in the hosting platform and are not committed to source control. Browser-exposed configuration is limited to the public Supabase URL and publishable key, which are designed to be public.

Data in this environment

The records in this environment are example/demo data created for product demonstration and validation. Please do not enter real customer personally identifiable information (PII), account numbers, or other sensitive data into the demo.

Roadmap (not yet in place)

The following are planned for the production release and are not guaranteed in the current demo: authenticated user accounts and role-based access, row-level database access controls, audit logging, data-retention controls, and formal third-party security certifications. We will update this page as these land.

Contact

Security questions or disclosures: security@stratedgeworkflow.com.