Your Data Stays Your Data

Security isn't an afterthought—it's built into how I work. Learn about my practices for protecting your information.

How Your Data Is Protected

Encryption

All data is encrypted in transit (TLS 1.3) and at rest. I use enterprise-grade security tools and practices.

Access Controls

Your information is only accessible to me—no team members, no subcontractors, no third parties without your explicit approval.

Deletion Policies

Project data is deleted after project completion unless you request otherwise. Deletion certificates available for sensitive work.

No Training on Your Data

Your information is never used to train AI models. What you share stays confidential and is only used for your project.

For Sensitive Work

Additional protections available for confidential and high-stakes projects

NDA Available

Happy to sign your NDA or provide mine. Standard for any work involving proprietary information.

Air-Gapped Options

For highly sensitive work, I can operate in isolated environments with no cloud connectivity.

Deletion Certificates

Formal confirmation that all project data has been permanently deleted after completion.

Secure Communication

Encrypted email, secure file sharing, and alternative communication channels as needed.

Why You Can Trust Me

SOC 2 Principles

Operations aligned with SOC 2 trust principles for security, availability, and confidentiality.

GDPR-Compliant Handling

Data handling practices designed to meet GDPR requirements for personal data protection.

Security Background

Military background with security clearance experience. I understand operational security.

A Note on AI and Privacy

I use AI tools to enhance my work, but I'm careful about what data goes where. For sensitive work, I can operate entirely offline or use only enterprise AI tools with appropriate data protection agreements. If you have specific concerns, let's discuss them—I'm happy to adapt my workflow to your requirements.

Security FAQ

Do you use AI tools that might expose my data?

I use AI tools carefully and never input client data into systems that train on inputs. When needed, I use enterprise AI tools with data protection agreements or work entirely offline.

What happens to my data after the project?

By default, I delete all project data within 30 days of completion. You can request immediate deletion or extended retention if needed. For sensitive work, I provide deletion certificates.

Can you work with regulated data (HIPAA, PCI, etc.)?

It depends on the specific requirements. I can work with sensitive data using appropriate controls, but I may not be able to act as a covered entity for certain regulations. Let's discuss your specific needs.

How do you handle source code access?

I only request access to what's necessary for the project. I use secure methods (SSH, encrypted transfers), never retain copies after the project, and happy to sign your code confidentiality agreements.

What if there's a security incident?

I maintain logs and would notify you immediately of any potential breach. My security practices are designed to minimize this risk, but transparency is paramount if anything goes wrong.

Have Security Questions?

Let's discuss your specific security requirements. I'm happy to adapt my practices to meet your needs.

Get in Touch