Security and trust at Kantum
Customer trust comes first
Live document
Built so you can let an AI act on your data
Kantum is an action-taking AI: it reads your inbox, your CRM, your files, your call logs. That only works if you can trust how it stores, processes, and forgets. Our default is restrictive. Our defaults in the EU and UK are even more restrictive.
Approval-gated writes by default
Every action that touches an external tool — sending an email, updating a CRM record, posting to Slack — requires your confirmation by default. You see what Kantum proposes before it happens. You can disable approval per-action once you trust a workflow.
Editable, deletable memory
Kantum keeps four kinds of memory: working (what we're talking about now), episodic (past conversations), semantic facts (about you), and org facts (about your company). Every entry is inspectable from the “What Kantum Knows” page in the app. Delete any of them, any time. Bulk-delete everything in one click.
- Dedicated Security Experts monitoring and managing platform integrity 24/7.
- Regular Compliance Audits aligned with industry standards such as ISO 27001, SOC 2, and GDPR.
- Advanced Threat Detection powered by AI to identify and neutralize risks before they escalate.
Encryption, hosting, infrastructure: data encrypted at rest with AES-256, in transit with TLS 1.3, hosted on tier-1 cloud infrastructure with redundancy and continuous monitoring. SOC 2 in progress.
EU / UK privacy by default
Visitors detected as being in the EU or UK see the “let Kantum recognize me” consent default-off. You can turn it on at any time, but the magic-on-signup flow only runs with explicit opt-in. We don't make you fight a dark pattern to keep your data.
Audit log on every write
Every Kantum-initiated action that touches your data lives in an action log: what, when, why, which agent, which tool. Available from the app, exportable on request. If something happened that you don't remember authorizing, you can see exactly what.