Security summary for principals and boards
Two-page overview of how EstateOS handles agency data. For technical detail see /security; for AI controls see /responsible-ai.
Use Print → Save as PDF for your board pack. Technical detail remains on /security.
Where your data lives
Agency data is stored in Australia (ap-southeast-2, Sydney). Each agency is isolated — your contacts, listings, and tenancies cannot leak into another agency’s tenant.
Who can see what
Staff access is role-based. External portals (vendor, landlord, tenant, tradie) only show what you choose to share. Safety-sensitive contacts can have addresses suppressed from AI, exports, and portals.
AI and client data
Nothing AI-generated reaches buyers, vendors, landlords, or tenants until your staff review and approve it. Personal details are protected before any external AI service sees the text.
Privacy requests (DSAR)
When someone requests their data, EstateOS runs a workflow with identity check, statutory clock, extraction, redaction queue, and principal approval — not a one-off CSV export.
What we have not completed yet
We are pre–Founding Pilot. SOC 2, ISO 27001, and third-party penetration testing are on the roadmap before general availability. Design partners can request our internal threat model on /contact.