Security for professional inbox intelligence
Algi handles email, calendar, and professional context for legal and finance teams. Our security program is built around practical confidentiality: protecting what is shared, limiting who can access it, and governing how AI is used.
Key facts
In readiness with Vanta
Algi is currently in the SOC 2 process with Vanta. We use this work to formalize policies, evidence collection, vendor review, access controls, and incident-response practices. We do not describe Algi as SOC 2 certified until the audit is complete.
Three duties, three protections
Legal confidentiality isn't one obligation. It's three. Algi is designed around each one.
Email and calendar content is sent to the AI model only to complete your specific request, then discarded. It is never stored, never used for training, and never surfaced to another user or firm.
OAuth 2.0 is the only way to connect your inbox. We never see or store your password. Access tokens are encrypted with AES-256-GCM and can be revoked at any time from your Google or Microsoft account.
We do not train models on user content. AI sessions are stateless; no context from one session carries into the next. Dedicated deployments ensure no infrastructure is shared between organizations.
Choose your isolation level
For firms with strict data residency or isolation requirements, we offer a dedicated deployment: a separate Algi instance scoped exclusively to your organization.
Your firm's data runs in a logically isolated environment within Algi's infrastructure. Fast to set up, zero operational burden.
- Logically isolated. No other firm can access your data.
- AES-256-GCM encryption at rest, TLS in transit
- Managed by Algi, ready in minutes
A separate Algi deployment on isolated infrastructure, managed by us but scoped exclusively to your firm. No shared databases, no shared compute.
- Physical infrastructure isolation with your own dedicated database and services
- No co-mingling of data with any other organization
- Ready within 5 business days of pilot kickoff
Algi runs entirely inside your firm's own Azure, AWS, or GCP account. Your data never leaves your environment. You own and control all infrastructure.
- Deployed into your existing cloud account. Nothing touches Algi's servers.
- Azure-native for firms already on Microsoft 365, integrates with your existing Entra ID
- Full control over data residency, access policies, and retention
- Available for pilots and full engagements. Contact us to scope.
Current safeguards
Authentication
- OAuth 2.0 only, we do not store passwords
- Google and Microsoft scopes limited to what each user explicitly authorizes
- OAuth tokens encrypted at rest with AES-256-GCM; revocable at any time from your account settings
Sessions & access
- Sessions managed server-side with secure, HttpOnly cookies
- Rate limiting applied to all authentication and API endpoints
Data handling
- Email and calendar content processed transiently to fulfill requests, not stored after processing
- Data not sold, shared for advertising, or used for model training
Compliance
- SOC 2 readiness in progress with Vanta. This page will be updated when audit status changes.
- Data Processing Agreement available on request
How AI data flow actually works
Most concerns about AI and confidentiality are speculative. The concrete risks are specific and addressable. Here is how we think about each one.
Inference is not training
When an AI model processes your email, it uses a fixed model that does not update from your input. Your data shapes the response, but it does not become part of the model, unless the provider separately stores and retrains on it, which Algi's vendor agreements prohibit.
Context windows are temporary
Email snippets or calendar details passed to an AI model exist only for that one task. Algi treats each request as task-scoped processing, not a persistent knowledge base that future users can query.
Retention is the real risk
The larger confidentiality exposure is usually not the model leaking secrets, but logs, provider review processes, debugging access, or retained prompts. Retention limits, vendor agreements, and access controls address the concrete risk.
Retrieval keeps data separable
Algi fetches relevant context at query time rather than absorbing documents into model parameters. Records stay separable and governable, a better fit for legal confidentiality obligations.
Prompt injection is a real attack surface
Adversarial instructions hidden in email content can attempt to override system directions and expose session data. Algi evaluates every AI workflow with this risk in mind, especially for messages and documents from external parties.
Calibrated risk management
AI risk should be managed through proportionate, context-sensitive safeguards, not fear-driven blanket rules. We evaluate every AI workflow against what data is shared, how it is handled, and whether the task requires stronger protection.
We assess each AI provider's data handling practices and contractual commitments before use.
Access controls, retention limits, session isolation, and ongoing monitoring each cover different risks.
For lawyers and finance professionals, we treat confidentiality obligations as a core product constraint, not a checkbox.
AI and infrastructure vendors
The following third-party services may process user data. We review vendor data handling practices as part of our SOC 2 readiness program.
| Vendor | Purpose |
|---|---|
| Google Gemini (GCP) | AI inference |
| Supabase | Database & authentication |
| Neo4j | Professional context graph |
| Redis | Session caching |
Working with your security team
We respond to security questionnaires, vendor assessment requests, and DPA reviews. If you need documentation before a pilot, reach out and we will stay engaged as your requirements evolve.
Start a vendor assessmentReport a security concern
If you believe you have found a vulnerability or need security information for your team, email founders@usealgi.com. For product and incident support, visit the support page.