Security
Buki reads the systems your company runs on, so we hold ourselves to the standard of the most sensitive one. What we do today, what is still in progress, and nothing overstated. Written for whoever has to vouch for us internally.
How your data moves
Connect
OAuth connections with least-privilege scopes, read-only wherever the integration allows it. Credentials live in a managed secrets vault, never in application code or logs.
Sync & store
Encrypted in transit (TLS 1.2+) and at rest (AES-256) on a major cloud provider. Every record is scoped to your workspace, and that isolation is enforced at each layer of the stack.
Answer
Retrieval never crosses workspaces, and your data is never used to train shared models. Every answer keeps its source references, so any output can be audited back to the record it came from.
Act
Write actions are scoped per integration, approval-gated, and logged. Payments, offers, and postings wait for a named person. There is no setting that turns this off.
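The four steps above describe controls, not code. The sketch below is an added illustration, not Buki's implementation and not tied to any particular stack, of how two of them are enforced in practice: retrieval that filters by workspace at the data layer (so a record from another workspace is simply absent, not merely forbidden), and a write gate that refuses payments, offers and postings until a named approver is attached, logging both outcomes. The record and action names are constructed for the example.

```python
"""Illustrative enforcement of workspace scoping and approval-gated writes.
Added example; not Buki's code. All names and sample records are constructed."""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Record:
    id: str
    workspace: str
    body: str


@dataclass
class AuditEvent:
    action: str
    workspace: str
    actor: str
    approver: Optional[str]
    outcome: str


class WorkspaceStore:
    """Every read is scoped to one workspace; cross-workspace ids return None."""

    def __init__(self, records: List[Record]) -> None:
        self._records: Dict[str, Record] = {r.id: r for r in records}

    def find(self, workspace: str, record_id: str) -> Optional[Record]:
        rec = self._records.get(record_id)
        # Scoping is enforced here, at the data layer, not left to callers.
        if rec is None or rec.workspace != workspace:
            return None
        return rec

    def answer(self, workspace: str, term: str) -> List[str]:
        """Return ids of matching records so an answer can cite its sources."""
        return [
            r.id for r in self._records.values()
            if r.workspace == workspace and term.lower() in r.body.lower()
        ]


class ApprovalGate:
    """Write actions that move money or publish content wait for a named person."""

    GATED = {"payment", "offer", "posting"}

    def __init__(self) -> None:
        self.audit: List[AuditEvent] = []

    def execute(self, action: str, workspace: str, actor: str,
                approver: Optional[str] = None) -> bool:
        if action in self.GATED and not approver:
            # Blocked actions are logged too, so the wait itself is auditable.
            self.audit.append(AuditEvent(action, workspace, actor, None,
                                         "blocked: awaiting named approver"))
            return False
        self.audit.append(AuditEvent(action, workspace, actor, approver, "executed"))
        return True


# Constructed sample data: two workspaces that must never see each other.
STORE = WorkspaceStore([
    Record("r1", "ws-acme", "Invoice 1042 is overdue by 12 days"),
    Record("r2", "ws-globex", "Invoice 7 paid in full"),
])


def demo() -> dict:
    gate = ApprovalGate()
    blocked = gate.execute("payment", "ws-acme", "assistant")
    allowed = gate.execute("payment", "ws-acme", "assistant", approver="j.doe")
    return {
        "cross_workspace_read": STORE.find("ws-acme", "r2"),   # None: invisible
        "sources": STORE.answer("ws-acme", "invoice"),          # ['r1'] only
        "blocked_without_approver": blocked,                    # False
        "allowed_with_approver": allowed,                       # True
        "audit_entries": len(gate.audit),                       # 2
    }


if __name__ == "__main__":
    print(demo())
```

The point of the structure is that neither control depends on the caller remembering to check: the store filters by workspace before returning anything, and the gate logs a blocked attempt just as it logs an executed one, which is what lets a reviewer later confirm that a payment waited for a person.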
Practices today
Access control
Production access is limited to named engineers behind SSO with hardware-key MFA. Every access is logged and reviewed. Support access to a customer workspace requires that customer’s consent.
Keys & secrets
Encryption keys are held in the cloud provider’s key management service with automatic rotation. Application secrets are vaulted and rotated when roles change.
Backups & recovery
Encrypted backups run daily and are exercised with restore drills. Offboarding deletes primary data immediately and expires backups within 35 days.
Development
Every change is peer-reviewed before deploy. Dependencies are scanned continuously. Staging environments run on synthetic data, never on customer records.
Model providers
LLM inference runs under data-processing agreements, with zero-retention terms where the provider offers them. Prompts and outputs do not train foundation models.
The public demo
Fully isolated from every customer environment. Vantix, Inc. is a fictional company with generated data; no customer record ever appears there.
In progress, stated plainly
SOC 2
A SOC 2 Type II audit is underway with an independent auditor. The report is published here when it exists, not before.
Penetration testing
A third-party penetration test is scheduled ahead of general availability. The summary letter will be available under NDA.
Subprocessors & DPAs
A public subprocessor list and a standard DPA ship at general availability. Both are available on request today.
Your security review
We handle the unglamorous parts on request: questionnaires answered in writing, an architecture walkthrough with your IT lead, and a named contact who replies within two business days.
Reporting
Found something? security@mybuki.ai (placeholder; confirm mailbox before publish). We acknowledge within two business days and will not take action against good-faith research.
Founder review required. Confirm every claim on this page against actual practice before publish. Nothing here may overstate.