Security

Your research data
stays yours.

From unpublished findings to sensitive institutional data, security, privacy, and compliance are built into every layer of INSIGHT. Here is exactly what we do to protect your work.

Data Security

  • Encryption at rest & in transit

    All data encrypted using AES-256 at rest and TLS 1.3 in transit.

  • Isolated Knowledge Banks

    Each customer's data is logically isolated. No cross-tenant data access is possible.

  • Zero access by default

    Our engineers cannot access your documents without explicit customer approval.

  • Individual or team access

    Each Knowledge Bank can be set to individual or team access at creation time.

Privacy & Compliance

  • ISO 27001 Certified

    Internationally recognised information security management system certification.

  • GDPR & Australian Privacy Act compliant

    Data subject rights (access, deletion, export) supported out of the box.

  • No training on your data

    Your uploaded documents and queries are never used to train any model.

  • Data residency

    Data processed and stored in Australia. Enterprise plans support custom residency.

Identity & Access Control

  • SSO & SCIM

    SAML 2.0 integrations with Okta, Azure AD, and Google Workspace.

  • Granular permissions

    Role-based access to Knowledge Banks: Admin, Editor, Viewer.

  • Audit logs

    Every access and action is tracked and exportable for compliance accountability.

  • MFA enforcement

    Multi-factor authentication can be enforced at the organisation level.

Platform Security

  • Regular penetration testing

    Independent security firms conduct annual pen tests with a public bug bounty programme.

  • Secure SDLC

    Code reviews, dependency scanning, and hardened CI/CD pipelines on every release.

  • DDoS protection

    Global CDN and WAF provide enterprise-grade reliability and threat mitigation.

  • 99.9% uptime SLA

    Infrastructure built for research availability, not just business hours.

“Your knowledge bank is yours. We are the infrastructure, not the owner.”

Contact

Security questions or concerns?

Our security team responds within 24 hours. For responsible disclosure of vulnerabilities, please email us directly.

General security enquiries

info@uncapt.com

Vulnerability disclosure

security@uncapt.com

We follow responsible disclosure. Please allow up to 72 hours for triage.