Solenoid — Privacy posture

Solenoid keeps the map, not the territory. We are built so a security-minded team can connect on day one — your data passes through, it doesn’t sit with us.

The posture in one line

Read-only · BYOK · processed in-memory · never persisted · every answer cited.

What we never store

We never store your meetings, customer calls, or strategy. Your tickets, PRs, threads, and documents are processed in-memory and discarded. There are no database schemas for your raw content — we keep only pointers and citations back to your own sources.

Read-only by default

Every connector requests read-only scopes on day one. No write, no comment, no PR creation. You see the scopes before you authorize.

BYOK — your provider, your terms

LLM inference runs on your Anthropic or OpenAI key, under your enterprise zero-retention / no-train terms. Solenoid’s keys never touch your content.

Every answer cited

Every claim, quote, decision, and constraint links back to its source — a permalink, a PR, an issue. If we can’t cite it, we don’t say it.

Email capture

When you join the waitlist, we store a one-way salted hash of your email — never the raw address. We use it only to send you the walkthrough you asked for and to de-duplicate signups. We use Resend to send; we keep the map, not the territory, for our own submission flow too.

This page summarizes the posture locked in ADR 0021. For regulated industries (healthcare, finance, government), a local-first / BYOC deployment is on the roadmap — talk to us.