Security
Your data, your scopes, your call.
Brain is a tool you connect to your own accounts. It reads only what you authorise, stores only what is necessary, and our own infrastructure lives in the EU. The data Brain reads from third-party services (Gmail, Drive, OneDriveβ¦) follows those vendors' own residency rules β outside our control.
Principles
Five promises behind the product
If we ever break one of these, the right answer is to tell you β not to hide it.
You connect what you want
Brain has no access to your accounts until you click [Connect] in chat. Every integration goes through the vendor's own OAuth consent screen β Google, Microsoft, HubSpot, Trello, Slack β so the scopes shown are theirs, not ours.
Per-user isolation
Each subscribed user gets a dedicated Google Cloud Run container, a dedicated GCS vault bucket, and a dedicated set of secrets. No shared multi-tenant database for your messages, files, or memory.
Brain itself runs in the EU
Our containers + vaults run in europe-west1 (Belgium); the dispatcher runs in Paris. Your conversation memory and the files Brain creates for you live there. The third-party services you connect (Gmail, Drive, OneDrive, etc.) follow Google's / Microsoft's own residency rules β that's outside our control. We do not move your data, we only relay it.
Encrypted in transit and at rest
Every visitor request hits Caddy on TLS 1.3 (Letβs Encrypt). Cloud Run + Cloud Storage encrypt at rest by default with Google-managed keys. OAuth tokens are Fernet-encrypted before they ever touch our database.
Your right to leave
Export your vault as a tarball any time. Cancel from your Stripe portal in two clicks. We delete your container, your vault, your tokens, and your database rows within 30 days β and tell you when it's done.
How data flows
One conversation, one user, one container
The architecture is the protection
You should not have to take our word for it. Here is what actually happens when a message hits the bot.Inbound: only your own messages
When you DM Brain in Slack or Google Chat, the message goes through our Lightsail dispatcher, which signs it with OIDC and forwards it to YOUR per-user container. Other users' messages never pass through your container.
Outbound: only your own data
When Brain reads your Gmail or Drive, it uses YOUR OAuth token. The token lives in Google Secret Manager (or your container's encrypted env), is scoped to what you approved, and never touches another user's container.
Memory: only your own vault
Brain's memory of your conversations lives in a GCS bucket named for you specifically (e.g. nitroxbrain-vault-
Logs: redacted and short-lived
Cloud Run logs are redacted of message content by default and retained 30 days. Operational logs (deploys, integration errors) live in Cloud Logging with a separate IAM policy β operator-only, audit-trail attached.
OAuth scopes
Brain asks for exactly what it uses
Granular per integration
We don't ask for 'access to your Google account'. We ask for the minimum scopes required for the specific tool you turn on β gmail.modify for drafting and labelling, drive.file for files Brain creates, calendar.events for scheduling. The /tools page lists each scope per integration.
Revoke any time, no support ticket
Every OAuth grant can be revoked from the vendor (Google account settings, Microsoft consent page, Slack workspace admin, HubSpot integrations, Trello account). Once revoked, Brain immediately stops being able to read or write that service.
Re-consent on scope changes
If Brain ever needs a new scope to power a new feature, you go through the consent screen again. We never silently expand the grants you already gave.
GDPR
Your data rights, in plain language
Access β what we have on you
Ask us via /contact and we ship you a copy of your vault, your conversation history, and the metadata our database holds about you (email, slug, subscription status). Within 30 days, free.
Rectification β fix anything wrong
If a fact Brain remembers about you is wrong, tell it in chat ('forget that I prefer X') or open a ticket. Vault edits propagate immediately.
Erasure β pull the plug
Cancel from Stripe, then ask us to delete. Containers torn down, vault bucket emptied, OAuth tokens revoked from our side, database rows hard-deleted. Confirmation email when it's done. Hard target: 30 days.
Portability β bring it elsewhere
The vault export is a plain tar.gz of Markdown + JSON files. Nothing is locked in a proprietary format β you can read it without Brain.
The honest list
What we have β and what we don't yet
Marketing pages tend to overclaim on security. Here is the real state.
Brain runs in the EU
Our infra: Belgium (Cloud Run) + Paris (Lightsail). Your vault + conversation memory live there. The data Brain reads from Gmail / Drive / OneDrive / HubSpot follows the third party's own residency rules β Google / Microsoft / etc. We cannot change where they host your mail or your files.
OAuth-first integrations
No screen-scraping, no password storage, no IMAP credentials. Every integration goes through the vendorβs own OAuth flow.
Encrypted secrets
Slack bot tokens Fernet-encrypted in Postgres. API keys in Secret Manager. OAuth tokens in per-user encrypted env mounts.
Per-user isolation
One Cloud Run service per user. One vault per user. One set of secrets per user. No shared multi-tenant memory.
TLS 1.3 everywhere
Caddy + Letβs Encrypt for the public surface. sslmode=require for the Postgres connection. mTLS for Cloud Run ingress.
Operator-impersonation audit log
When the operator reads a user file (e.g. for support), the action is logged with timestamp, actor, target file, reason.
SOC 2 / ISO 27001 β not yet
No third-party audit certificate today. The team is small and the cost is high; we may pursue this if enterprise customers ask.
Penetration testing β annual, not continuous
Code audited internally on every PR. External pen-test cadence not yet annualised; expect at least one before we open public sign-ups at scale.
Bug bounty β not yet
No public bounty program. If you find something, email security@nitroxbrain.com β we will respond within 2 business days and credit you publicly if you want.
Common questions
Security FAQ
Where is my data stored exactly?
Your conversation memory + files Brain saves for you live in a Google Cloud Storage bucket in europe-west1 (Belgium). The Cloud Run container that processes your messages runs in the same region. The Lightsail dispatcher relaying your Slack / Chat messages runs in Paris. The mail / files / events Brain READS from your third-party accounts live wherever Google, Microsoft, HubSpot, etc. host them β typically global (US + EU) for consumer accounts; configurable to EU only on enterprise tiers of Google Workspace and Microsoft 365.
Does NitroxConsulting read my data?
Not casually. Operator access is logged. We can read your vault when YOU ask us to (support ticket, debugging a bot error), or when a court order compels us β we will tell you in both cases, the operator-impersonation audit log proves it.
What happens during a breach?
Disclosure within 72 hours per GDPR, to you and to the CNIL (French DPA). The disclosure names: what was accessed, the timeline, what we are doing about it, what you can do.
Do you train AI models on my data?
No. We do not train any model on your data. The third-party LLMs Brain calls (Anthropic Claude, Google Gemini, OpenAI GPT, Mistral) are configured with no-training data-handling agreements β each vendor publishes this for their API tier.
Can I delete a single conversation?
Yes. React with π on a Slack message Brain sent, and Brain forgets the turn β your message and Brain's reply are dropped from the session memory and from the Slack history (where Brain is allowed to delete its own messages).
How do I report a security issue?
security@nitroxbrain.com β PGP key available on request. Response within 2 business days. We will keep you informed at every step and credit you on this page if you want.
Security questions worth a call?
Pre-sale or post-incident β we'd rather have the conversation than write a fake compliance page.