// security by ownership

Your repo. Your cloud. Your keys.

A black box touching your operations is terrifying. It should be. So the whole system is built to run inside a perimeter you control, with guarantees you can read and switch off, and a sub-processor list we publish in full. No launch-draft placeholders, and no certificate we don't actually hold.

SOC 2 Type II | ISO 27001 | GDPR | HIPAA-ready | SSO / SAML | AI · no training

Inherited from the stack your build runs on (Vercel · Supabase · Anthropic). Sponte's own org-level audit is on the roadmap. The full, verifiable breakdown is below.

// the perimeter

your repo

The build ships to your GitHub. Every line is readable, forkable, and yours. No vendored black box you can't inspect.

your cloud

It runs in your own Supabase and Vercel, your account, your region. Sponte infrastructure is never in the data path.

your keys

Credentials live in your vault. You can rotate them, scope them, or revoke us entirely, in one move.

// provable by architecture

Provable by architecture, not by promise.

The safest claim is the one you can check yourself. These hold because of where the system runs, not because we say so.

0

third parties holding your code or customer data

it runs in your own cloud account

1

cloud account everything runs in, yours

no Sponte tenancy in the path

100%

of agent actions written to the audit trail

hash-chained, append-only

0

standing Sponte access after handover

credentials revoked at delivery

// the guarantees

A set of guarantees you can read and switch off.

tenant isolation · enforced

RLS as a database guarantee, not app-code hope. One client's data never bleeds into another's, enforced at the row, not the request.

deny-by-default · enforced

A least-privilege role behind a policy gate. Agents only do what they're scoped to, never free-form actions on anything that moves money or data.

append-only audit trail · enforced

Hash-chained and tamper-evident. A readable record of every action the system takes: every ticket answered, every record written, every job queued.

kill switch · enforced

Revokes credentials on demand. If anything feels wrong, one switch and the system can't touch your data until you say otherwise.

per-agent blast radius · enforced

Every agent's reach is scoped before deploy, not discovered after. The support agent answers a ticket. It cannot issue a refund or touch billing.

human checkpoint · enforced

Anything irreversible (a refund, a payment, an outbound send) waits behind an approval threshold you define. The machine drafts, a human commits.

// compliance, honestly

Where every standard actually stands.

Most of your compliance comes from the certified infrastructure your build runs in. We tell you exactly what is inherited, what is contractual, and what is still on our roadmap. Green is real today. Amber is honest about what isn't.

| area | where it stands | status |
| --- | --- | --- |
| GDPR | Operated from the Netherlands under GDPR. Builds default to EU regions of your own cloud. We publish a real DPA and the full sub-processor list. | EU-based |
| SOC 2 Type II · ISO 27001 | Your build runs on Vercel and Supabase: SOC 2 Type II, ISO 27001, HIPAA and PCI DSS, AES-256 at rest, TLS in transit. | inherited |
| AI providers | Anthropic / OpenAI on commercial terms: SOC 2 Type II and ISO 27001/42001. Your inputs and outputs never train a model, logs auto-delete, zero-retention available. | contractual |
| SSO · SAML | Auth runs through your own identity provider via Supabase Auth. No separate Sponte login to provision, manage, or offboard. | your IdP |
| Per-build security spec | Agent permissions, approval thresholds, data flows and incident steps, written and signed by both sides before anything deploys. | signed |
| Sponte org SOC 2 / ISO | Not separately certified yet. We won't print a badge we don't hold. The verifiable architecture above stands today, the formal audit is on the roadmap. | roadmap |

// controls, per build

The same controls, applied to every build.

change management

Pull requests, staged deploys, documented rollback.

access security

Least-privilege credentials, no standing Sponte access after handover.

confidentiality

Data never leaves your cloud, secrets in your vault, no model training.

encryption

AES-256 at rest, TLS in transit, inherited from Supabase + Vercel.

availability

Platform SLAs, health checks, and alerts on the running system.

vulnerability mgmt

Dependency scanning and a patch procedure on every build.

incident response

A per-build runbook and a one-switch kill on demand.

risk assessment

A pre-deploy security review and approval thresholds on risky actions.

network security

Private networking where possible, TLS on every external call.

logging & retention

Your action log is retained on your terms, AI provider logs auto-delete.

data minimization

Agents read only the fields they need, nothing extra is ever moved.

organizational

A named operator and a signed security spec before deploy.

// the trail

Every action is scoped, logged, and reversible.

Each step the system takes passes a policy gate, then writes itself to a hash-chained log you can read. Nothing happens off the record, and nothing happens outside its scope.

audit-trail · live
streaming
14:22:01  support ticket received from inbox  [zendesk]
14:22:01  policy gate: scope = read tickets, write crm  [deny-by-default]
14:22:02  drafted reply from your own docs  [no training]
14:22:02  routed to your channel for approval  [118ms]
14:22:02  action hash-chained to audit log  [tamper-evident]

rendered preview of the audit surface · (to build)
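
How a deny-by-default gate and a hash-chained log fit together, and what a reader of the log can check, as an added example that is not Sponte's code. The scope names, entry fields and genesis value are assumptions, and the sample entries are constructed from the preview lines above.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash for the first entry
# Hypothetical per-agent scopes; anything not listed here is denied.
SCOPES = {"support-agent": {"tickets:read", "crm:write"}}


def digest(body):
    # Canonical JSON so the same entry always hashes to the same value.
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def gate_and_log(log, agent, action, detail, ts):
    """Deny-by-default check; the decision is appended to the log either way."""
    allowed = action in SCOPES.get(agent, set())
    body = {"seq": len(log), "ts": ts, "agent": agent, "action": action,
            "detail": detail, "decision": "allow" if allowed else "deny",
            "prev_hash": log[-1]["hash"] if log else GENESIS}
    log.append({**body, "hash": digest(body)})
    return allowed


def verify_chain(log, expected_head=None):
    """Return the index of the first bad entry, or -1 if the chain is intact.

    expected_head is the newest hash, kept outside the log store. Without it a
    truncated or fully re-hashed log still verifies; a mismatch returns len(log).
    """
    prev = GENESIS
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "hash"}
        if entry.get("seq") != i or entry.get("prev_hash") != prev:
            return i
        if digest(body) != entry.get("hash"):
            return i
        prev = entry["hash"]
    if expected_head is not None and prev != expected_head:
        return len(log)
    return -1


def build_sample_log():
    # Constructed sample entries, modelled on the preview lines above.
    log = []
    gate_and_log(log, "support-agent", "tickets:read", "ticket received", "14:22:01")
    gate_and_log(log, "support-agent", "crm:write", "reply drafted", "14:22:02")
    gate_and_log(log, "support-agent", "billing:refund", "refund attempt", "14:22:03")
    return log
```

The chain alone only proves internal consistency: tamper evidence against someone who can rewrite the whole log depends on the head hash being recorded somewhere that writer cannot reach.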

// sub-processors

Most vendors need a long sub-processor table. Ours is short, and published.

Because the build lives in your environment, most third parties never touch the path. Here is the short list of who does, and why. The canonical, dated version lives in the data processing addendum.

| provider | purpose | region |
| --- | --- | --- |
| Vercel | Hosting + edge delivery for the build | Configurable region |
| Supabase | Postgres database + auth, with RLS | Your project's region |
| Anthropic / OpenAI | Model inference, the reasoning step only | US / EU |
| Sentry | Error + uptime monitoring, PII scrubbed | EU option |
| Cal.com | Audit-call scheduling, marketing site only | EU / US |

// straight answers

The questions a security team actually asks.

Do you hold SOC 2 Type II or ISO 27001?

Not as a Sponte organization certificate, not yet, and we won't print a badge we don't hold. But your build runs on Vercel and Supabase, which are both SOC 2 Type II and ISO 27001 certified, with AES-256 encryption at rest and TLS in transit. The AI reasoning step (Anthropic) is SOC 2 Type II, ISO 27001 and ISO 42001. You inherit those controls because the system runs in your stack. Sponte's own formal audit is on the roadmap.

Where is my data hosted?

In your own cloud account, in the region you choose. We default to EU regions for EU businesses. Sponte infrastructure is never in the data path, so your data stays inside a perimeter you already control.

Is my data used to train AI models?

No. Under Anthropic's and OpenAI's commercial and API terms, your inputs and outputs are never used to train models. API logs auto-delete within days, and a zero-data-retention mode is available for the most sensitive workloads.

Do you support SSO and SAML?

Yes, through your own identity provider. Because auth runs on your Supabase, the system uses your existing SSO/SAML and access policies. There's no separate Sponte login to provision or offboard.

Who can access my systems after the build?

No one at Sponte, by default. Credentials live in your vault, and standing Sponte access is revoked at handover. You hold the keys, the audit trail, and the kill switch.

What happens if Sponte disappears tomorrow?

Nothing breaks. The repository, the documentation, the runbook and the credentials are already yours. The system keeps running in your stack, and any competent engineer can read and maintain it.

Is the system penetration tested?

We run dependency scanning and a written pre-deploy security review on every build, and the underlying platforms are independently penetration-tested. A formal third-party pen test of a specific Sponte build is something we scope per engagement rather than claim as a blanket badge.

Are you GDPR compliant?

We operate from the Netherlands under GDPR, default to EU data residency, and publish a real Data Processing Addendum and sub-processor list, with no launch-draft placeholders.

// where we are, honestly

We're early, and we won't print a certificate we don't hold. What we do hold is the architecture above (isolation, audit, kill switch, scoped blast radius), which you can verify line by line before you commit a dollar, plus the inherited certifications of the stack it runs in. Formal SOC 2 and ISO work is on the roadmap, not on a badge.

Security questions before a build? Bring them to the audit call. We answer in your own repo, not a slide.

See the guard run on your real workflow.

15 minutes, no deck. We map your perimeter, show the controls live on your own stack, and you decide from what you see.