Saihi is built privacy-first. The controls below describe our current security posture and the roadmap for enterprise readiness.
Every record is scoped to its owning account at the database layer.
TLS on all client ↔ server and server ↔ provider connections.
Managed database and storage use provider-managed encryption.
All server functions require a valid bearer token from a verified session.
Sensitive actions (deletions, exports, account events) are recorded in an immutable audit log.
Admin tooling is gated by an explicit role check in a security-definer function.
Found a vulnerability? Please report it privately to security@saihi.ai. We’ll acknowledge within a reasonable timeframe and keep you informed through resolution.
See also: Privacy Policy · Terms & Conditions · Data Ownership · Compliance