How we protect your most personal data
Connector OAuth credentials and provider secrets are protected server-side, and access to product data is gated behind authenticated sessions plus ownership checks.
Traffic to deployed Omniscient environments is intended to run over HTTPS so data is encrypted in transit between your browser and the application.
Your personal memories, conversations, and context are never used to train AI models. We use inference-only — your data improves your AI, not anyone else's. This is legally binding in our terms.
We never ask for or store your passwords to third-party services. All integrations use OAuth 2.0 with minimal permission scopes. You can revoke any connection at any time.
Omniscient is built to minimize unnecessary collection, support source disconnects, and give users direct control over what data is indexed, exported, or deleted.
We use Plausible Analytics — a privacy-first analytics tool that collects zero personal data, no cookies, no fingerprinting, no IP storage. We track only aggregate page views and feature usage to improve the product. Your identity is never part of any analytics event.
Every dependency in the Omniscient codebase is continuously scanned for known vulnerabilities using automated tools. Our CI/CD pipeline blocks any deployment that introduces a high-severity vulnerability.
We are actively working toward SOC 2 Type II certification. Our infrastructure and processes are being aligned with the Trust Services Criteria.
Security is an ongoing discipline
Questions or disclosures: security@omniscient.ai