Innovation begins with trust
Foundations are fiduciaries. Grantees share sensitive data in good faith. Sattva is built for the unique trust requirements of philanthropic data—protecting foundation strategies, grantee information, and the funder-grantee relationship.
Planned SOC 2 Type II
Independent audit validating security, availability, and confidentiality controls across the platform.
Planned GDPR
Full compliance with EU data protection regulation—right to erasure, data portability, lawful basis documentation, and DPA.
Active Anthropic API Terms
All AI processing uses Anthropic's commercial API. Per their terms, customer data is never used for model training.
Active AES-256 at Rest
All data stored in Supabase PostgreSQL with AES-256 disk-level encryption.
Active TLS in Transit
Every connection—browser, Slack, API, database—encrypted with TLS 1.2+.
Active Passwordless Auth
Secure magic-link authentication via Supabase Auth. No passwords to leak or phish.
Your data, your frameworks, your control
Your grantees' updates and your outcomes frameworks are processed by AI to structure impact data. Here's exactly how we handle that.
No Model Training
- Data processed via Anthropic's commercial API
- Inputs and outputs are not used for model training
- Your frameworks and grantee updates remain exclusively yours
Data Minimization
- Only the data necessary for each task is sent to the AI
- A grantee's message and relevant framework categories—not your entire database
- Raw text is truncated and scoped to the task at hand
Grantee Transparency
- Grantees are informed that their messages are processed by AI
- Every structured update is shown for grantee review before sharing
- Nothing is shared without grantee confirmation
Access Control
- Every API route requires authentication—no anonymous access
- Foundation data isolated per tenant
- Slack bot uses Socket Mode—no publicly exposed webhook URLs
Coming soon: Role-based access, MFA, SSO/SAML
Encryption
- AES-256 encryption at rest (Supabase infrastructure)
- TLS 1.2+ for all data in transit
- Parameterized queries throughout—no SQL injection surface
Coming soon: Application-level encryption for sensitive grantee fields
Infrastructure
- Hosted on Supabase and Vercel/Railway—enterprise-grade managed platforms
- Data residency: AWS us-east-1
- Automated daily backups via Supabase
Coming soon: Uptime monitoring, error tracking, defined SLA
Built for the grantee-funder relationship
Foundations don't just adopt Sattva for themselves—they adopt it on behalf of their grantees. We take that responsibility seriously.
- AI disclosure—Grantees are clearly informed that their messages are processed by AI
- Grantee confirmation—Every structured update is reviewed and approved by the grantee before sharing
- Minimal collection—We only collect impact updates that grantees choose to share. No background monitoring
- Grantee data visibility—Grantees can see how their data was categorized and mapped
- Opt-out mechanism—Alternative submission channels for grantees who prefer not to use the bot
- Data export & deletion—Full data export in JSON/CSV, and complete deletion on request
We're transparent about every third-party service that touches your data.
| Sub-processor | Purpose | Data shared | Location |
|---|---|---|---|
| Anthropic | AI-powered update structuring and outcome mapping | Grantee update text, foundation framework categories | US |
| Supabase | Database hosting and authentication | All application data (encrypted at rest) | AWS us-east-1 |
| Slack | Grantee communication channel | Grantee messages, bot responses | US |
| Brave Search | Web research for portfolio monitoring | Company names, website URLs (public data only) | US |
| Jina.ai | Web page content extraction for research | Public web page URLs | EU/US |
Questions about security?
We're happy to walk through our security practices, data flows, and compliance roadmap with your team.
Book a conversation →or email nsbarr@gmail.com