NOEIN
Security

Security practices.

Last updated · June 19, 2026

Security is part of how NOEIN is built, not a checkbox added later. We connect read-only, isolate every tenant, encrypt your data, and log every access.

This page explains how we protect your data. For how we collect and use personal data, see our Privacy Policy.

01How we connect

NOEIN connects read-only to the business systems you already run: ERP, planning files, supplier email, inventory, and document stores. We do not write back to your systems, we stay off your OT network, and there are no agents on plant equipment or control-path access. You authorize each source, and you can revoke it at any time.

02Data isolation and tenancy

Each customer runs in an isolated tenant. Your data is logically separated from every other customer's, and access is scoped to your own organization. We process your data only to provide the Service and only on your instructions.

03Encryption

Data is encrypted in transit with TLS and encrypted at rest. Credentials and secrets for your connected systems are stored encrypted and used only to read the data you authorize.

04Access control and audit logging

We follow least-privilege access: only the people and services that need access to run your deployment have it. Every automated action and every access is logged, so you can see what happened and when. You can revoke access whenever you want.

05AI and your data

When you ask a question, relevant context from your authorized systems is sent to our AI provider (currently Anthropic's Claude, accessed via Replicate) at the moment of the request. We do not use your customer or industrial data to train foundation models, and we contract with providers that are bound not to train on data submitted through our API access. See our Privacy Policy for detail.

06Sub-processors

We rely on a small set of vendors to host and run the Service: cloud hosting and database providers, our AI provider, and email and authentication providers. Each is bound by contract to use your data only to provide services to us. The current list is available on request.

07Compliance and roadmap

We are an early-stage company and we are honest about where we are. We build with encryption, audit trails, and least-privilege access from day one, and we are glad to complete your security review and sign a Data Processing Addendum. Formal certifications such as SOC 2 are on our roadmap rather than complete today. Ask us where we are and we will tell you straight.

08Responsible disclosure

If you believe you have found a security issue, email jacek@getnoein.com with the details and we will respond quickly. Please give us a reasonable window to investigate and fix before any public disclosure.

Questions about this document? Email jacek@getnoein.com. See also our Privacy Policy and Terms of Service.