Trust starts before the product is fully public.
SecureSpace is building Mintos AI with a security-first operating model, careful disclosure, and practical buyer evidence.
Code review on every change, signed builds, reproducible deploys, and continuous dependency review.
Defence in depth, region-scoped data, encryption at rest and in transit, and least-privilege everywhere.
Coordinated, with a 90-day default window and a public advisory log.
Customer data is yours. We do not train on it. We expose retention controls.
SSO, SCIM, short-lived credentials, and named access reviews.
Direct lines to your team, with regular updates throughout the incident.
Buyer questions, answered.
How is customer data handled?
Data stays in the region you select. We do not train on customer data and we expose retention controls to administrators.
What is the disclosure process?
Email security@securespace.club. We acknowledge quickly and work through coordinated disclosure when public guidance is needed.
Who has access to production?
A small named set of engineers, with short-lived credentials and full audit. No standing access, including for executives.
How are subprocessors managed?
Subprocessors are reviewed annually, listed publicly, and customers are notified of material changes.
Can we run a pentest?
Yes. Enterprise customers can run third-party tests under a standard rules-of-engagement document.