// security by ownership
Your repo. Your cloud. Your keys.
A black box touching your operations is terrifying. It should be. So the whole system is built to run inside a perimeter you control, with guarantees you can read and switch off, and a sub-processor list we publish in full. No launch-draft placeholders, and no certificate we don't actually hold.
Inherited from the stack your build runs on (Vercel · Supabase · Anthropic). Sponte's own org-level audit is on the roadmap. The full, verifiable breakdown is below.
// the perimeter
The build ships to your GitHub. Every line is readable, forkable, and yours. No vendored black box you can't inspect.
It runs in your own Supabase and Vercel, your account, your region. Sponte infrastructure is never in the data path.
Credentials live in your vault. You can rotate them, scope them, or revoke us entirely, in one move.
// provable by architecture
Provable by architecture, not by promise.
The safest claim is the one you can check yourself. These hold because of where the system runs, not because we say so.
| figure | what it counts | why it holds |
|---|---|---|
| 0 | third parties holding your code or customer data | it runs in your own cloud account |
| 1 | cloud account everything runs in, yours | no Sponte tenancy in the path |
| 100% | of agent actions written to the audit trail | hash-chained, append-only |
| 0 | standing Sponte access after handover | credentials revoked at delivery |
// the guarantees
A set of guarantees you can read and switch off.
RLS as a database guarantee, not app-code hope. One client's data never bleeds into another's, enforced at the row, not the request.
A least-privilege role behind a policy gate. Agents only do what they're scoped to, never free-form actions on anything that moves money or data.
Hash-chained and tamper-evident. A readable record of every action the system takes: every ticket answered, every record written, every job queued.
Revokes credentials on demand. If anything feels wrong, one switch and the system can't touch your data until you say otherwise.
Every agent's reach is scoped before deploy, not discovered after. The support agent answers a ticket. It cannot issue a refund or touch billing.
Anything irreversible (a refund, a payment, an outbound send) waits behind an approval threshold you define. The machine drafts, a human commits.
// compliance, honestly
Where every standard actually stands.
Most of your compliance comes from the certified infrastructure your build runs in. We tell you exactly what is inherited, what is contractual, and what is still on our roadmap. Green is real today. Amber is honest about what isn't.
| area | where it stands | status |
|---|---|---|
| GDPR | Operated from the Netherlands under GDPR. Builds default to EU regions of your own cloud. We publish a real DPA and the full sub-processor list. | EU-based |
| SOC 2 Type II · ISO 27001 | Your build runs on Vercel and Supabase: SOC 2 Type II, ISO 27001, HIPAA and PCI DSS, AES-256 at rest, TLS in transit. | inherited |
| AI providers | Anthropic / OpenAI on commercial terms: SOC 2 Type II and ISO 27001/42001. Your inputs and outputs never train a model, logs auto-delete, zero-retention available. | contractual |
| SSO · SAML | Auth runs through your own identity provider via Supabase Auth. No separate Sponte login to provision, manage, or offboard. | your IdP |
| Per-build security spec | Agent permissions, approval thresholds, data flows and incident steps, written and signed by both sides before anything deploys. | signed |
| Sponte org SOC 2 / ISO | Not separately certified yet. We won't print a badge we don't hold. The verifiable architecture above stands today, the formal audit is on the roadmap. | roadmap |
// controls, per build
The same controls, applied to every build.
Pull requests, staged deploys, documented rollback.
Least-privilege credentials, no standing Sponte access after handover.
Data never leaves your cloud, secrets in your vault, no model training.
AES-256 at rest, TLS in transit, inherited from Supabase + Vercel.
Platform SLAs, health checks, and alerts on the running system.
Dependency scanning and a patch procedure on every build.
A per-build runbook and a one-switch kill on demand.
A pre-deploy security review and approval thresholds on risky actions.
Private networking where possible, TLS on every external call.
Your action log is retained on your terms, AI provider logs auto-delete.
Agents read only the fields they need, nothing extra is ever moved.
A named operator and a signed security spec before deploy.
// the trail
Every action is scoped, logged, and reversible.
Each step the system takes passes a policy gate, then writes itself to a hash-chained log you can read. Nothing happens off the record, and nothing happens outside its scope.
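The pattern described here and in the guarantees above (a scoped policy gate in front of every action, with each decision written to a hash-chained log), as an added JavaScript example that is not Sponte's code. The policy table, agent and action names, and function names are assumptions made for illustration.

```javascript
// Added illustration, not Sponte's code. POLICY, gate, append and verify are hypothetical names.
const { createHash } = require("node:crypto");

// Constructed scope table: what each agent may do, and which actions need a human approver.
const POLICY = {
  support: { allowed: ["ticket.reply"], needsApproval: [] },
  billing: { allowed: ["refund.issue"], needsApproval: ["refund.issue"] },
};

const GENESIS = "0".repeat(64);

// Each hash covers the previous entry's hash, so changing one entry breaks every later link.
function entryHash(prev, body) {
  return createHash("sha256").update(prev).update(JSON.stringify(body)).digest("hex");
}

// Append-only write: the new entry commits to the hash of the entry before it.
function append(log, body) {
  const prev = log.length ? log[log.length - 1].hash : GENESIS;
  const entry = { prev, body, hash: entryHash(prev, body) };
  log.push(entry);
  return entry;
}

// Policy gate: default deny, approval required for irreversible actions.
// The decision is logged whether or not the action is allowed to run.
function gate(log, agent, action, approvedBy = null) {
  const scope = POLICY[agent];
  let decision = "deny";
  if (scope && scope.allowed.includes(action)) {
    decision = scope.needsApproval.includes(action) && !approvedBy ? "pending_approval" : "allow";
  }
  append(log, { seq: log.length, agent, action, approvedBy, decision });
  return decision;
}

// Recompute the chain; returns the index of the first broken entry, or -1 if intact.
function verify(log) {
  let prev = GENESIS;
  for (let i = 0; i < log.length; i++) {
    const e = log[i];
    if (e.prev !== prev || e.hash !== entryHash(prev, e.body)) return i;
    prev = e.hash;
  }
  return -1;
}
```

A chain like this exposes edits, reordering, and mid-log deletion, but not truncation of the tail or a full rewrite; detecting those requires recording the latest hash somewhere the log writer cannot change.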
// sub-processors
Most vendors need a long sub-processor table. Ours is short, and published.
Because the build lives in your environment, most third parties never touch the path. Here is the short list of who does, and why. The canonical, dated version lives in the data processing addendum.
| provider | purpose | region |
|---|---|---|
| Vercel | Hosting + edge delivery for the build | Configurable region |
| Supabase | Postgres database + auth, with RLS | Your project's region |
| Anthropic / OpenAI | Model inference, the reasoning step only | US / EU |
| Sentry | Error + uptime monitoring, PII scrubbed | EU option |
| Cal.com | Audit-call scheduling, marketing site only | EU / US |
// straight answers
The questions a security team actually asks.
Do you hold SOC 2 Type II or ISO 27001?
Not as a Sponte organization certificate, not yet, and we won't print a badge we don't hold. But your build runs on Vercel and Supabase, which are both SOC 2 Type II and ISO 27001 certified, with AES-256 encryption at rest and TLS in transit. The AI reasoning step (Anthropic) is SOC 2 Type II, ISO 27001 and ISO 42001. You inherit those controls because the system runs in your stack. Sponte's own formal audit is on the roadmap.
Where is my data hosted?
In your own cloud account, in the region you choose. We default to EU regions for EU businesses. Sponte infrastructure is never in the data path, so your data stays inside a perimeter you already control.
Is my data used to train AI models?
No. Under Anthropic's and OpenAI's commercial and API terms, your inputs and outputs are never used to train models. API logs auto-delete within days, and a zero-data-retention mode is available for the most sensitive workloads.
Do you support SSO and SAML?
Yes, through your own identity provider. Because auth runs on your Supabase, the system uses your existing SSO/SAML and access policies. There's no separate Sponte login to provision or offboard.
Who can access my systems after the build?
No one at Sponte, by default. Credentials live in your vault, and standing Sponte access is revoked at handover. You hold the keys, the audit trail, and the kill switch.
What happens if Sponte disappears tomorrow?
Nothing breaks. The repository, the documentation, the runbook and the credentials are already yours. The system keeps running in your stack, and any competent engineer can read and maintain it.
Is the system penetration tested?
We run dependency scanning and a written pre-deploy security review on every build, and the underlying platforms are independently penetration-tested. A formal third-party pen test of a specific Sponte build is something we scope per engagement rather than claim as a blanket badge.
Are you GDPR compliant?
We operate from the Netherlands under GDPR, default to EU data residency, and publish a real Data Processing Addendum and sub-processor list, with no launch-draft placeholders.
// where we are, honestly
We're early, and we won't print a certificate we don't hold. What we do hold is the architecture above (isolation, audit, kill switch, scoped blast radius), which you can verify line by line before you commit a dollar, plus the inherited certifications of the stack it runs in. Formal SOC 2 and ISO work is on the roadmap, not on a badge.
Security questions before a build? Bring them to the audit call. We answer in your own repo, not a slide.
See the guard run on your real workflow.
15 minutes, no deck. We map your perimeter, show the controls live on your own stack, and you decide from what you see.