security

How we handle your stuff.

We sell sovereignty as a product. That promise is empty if our operational practices undermine it. This page is what we do, in writing, before we touch your environment.

operating principles

Six rules.

Apply to every engagement. If your environment requires more, we'll match it; we don't go below this line.

Least privilege, scoped credentials

We do not accept, request, or operate with credentials broader than the engagement requires. Where possible we operate as named human IAM principals against the client's identity provider, so every action is attributable in your audit log. Service accounts for tooling are scoped per-environment, time-bound, and rotated on engagement close.

Your data stays in your VPC

Production traffic samples, evaluation datasets, traces, and model weights remain in your environment. Where we need a local copy to debug or run a benchmark, it is taken with explicit consent, kept on a disk-encrypted developer machine, and deleted on engagement close. We do not train, fine-tune, or commercialise on any client data, ever.

No third-party AI on your data

We do not paste client logs, prompts, traces, or weights into hosted LLM tools. When we use AI tooling internally, it is on isolated synthetic data only.

Auditability over speed

Every change we ship to a production environment goes through your normal change-management path: PRs reviewed by your engineers, runbooks reviewed before incident drills, deployments through your existing CI/CD. We don't hot-patch production from our laptops.

Eval parity before performance

We do not cut over real traffic until the new stack passes the eval suite within the tolerance you signed off on, and we keep the hosted baseline warm for 30 days post-cutover as a safety net.

Clean exit

On engagement close we revoke our access, hand over credentials we generated, deliver runbooks and architecture documentation, and publish the post-engagement report. Your team can disable our last access on day one of the handover; the runbooks alone should be enough to operate the system.

compliance

Where we stand.

Honest about what is in place vs. on the roadmap. Procurement teams: ask for the latest evidence — we'll send it.

In progress

SOC 2

Type 1 audit is in scope for 2026 Q3, ahead of any client requirement for it. We'll publish the report on request once issued.

Available

GDPR / DPA

We sign a Data Processing Agreement on request for engagements that touch personal data of EU/UK residents.

On request

HIPAA, ITAR, FedRAMP, EU data residency

These regimes vary engagement to engagement. We have deployed inference stacks under each; the engagement contract spells out exactly what controls apply.

Signed before discovery

NDAs

We'll sign yours, or send ours, before any discovery call where confidential material is shared.

disclosure

Found something?

If you believe you've found a vulnerability in this website or in code we've published, email eng@fastpriors.com. We'll acknowledge within one working day, work the issue with you, and credit reporters who request it. We don't run a bug bounty yet, but we will not pursue good-faith research.

Need a security review before we talk?

Tell us what your procurement team needs. We'll send it.
