Security Posture
Last updated: May 14, 2026
TitleTools handles confidential documents and the data extracted from them. This page describes how that data is protected. It is intended as a summary for technical and compliance reviewers at firms evaluating the platform. A more detailed security questionnaire response is available on request to security@limelyte.com.
1. Hosting and data residency
The platform runs on enterprise cloud infrastructure operated in the United States. Customer data does not leave the U.S. region in the normal course of operation. Application services and document-processing workers run on managed compute platforms, the primary database is a managed relational store with encryption at rest, and document files are held in encrypted, durable object storage. We do not publish details of the specific underlying services to limit the surface available to an attacker doing reconnaissance.
2. Encryption
In transit: all network connections use TLS 1.2 or higher. HSTS is enforced on the marketing and application origins. Internal traffic between services within our VPC is also TLS-encrypted.
At rest: databases, object storage, and backups are encrypted with managed cloud encryption keys (AES-256). Secrets and credentials are stored in a managed secrets service, not in source code or environment files committed to a repository.
3. Authentication and access control
End-user authentication supports email-plus-password and single sign-on through a customer-managed identity provider. Multi-factor authentication is supported and may be required by the firm's administrator.
Authorization is role-based and scoped per firm. A user can only see data that belongs to their firm. Administrative actions are gated by role; sensitive actions (deleting an order, exporting a package, changing firm settings) are logged.
Limelyte personnel access to production systems is restricted to a small number of named operators, requires multi-factor authentication, is logged, and is reviewed quarterly. Access to customer data by Limelyte personnel is limited to incident response and support cases requested by the customer.
4. Multi-tenancy and data isolation
Every record in the platform is associated with a single firm (a "tenant"). Tenant scoping is enforced at the data layer, not just the application layer, so a query without a tenant context cannot return data. Document storage objects are keyed by tenant and protected by per-tenant access policies. There is no cross-tenant sharing of documents or extracted data.
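One way to get the fail-closed behaviour described above, shown with PostgreSQL row-level security. This is an added example, not TitleTools code: the page does not name its database, so PostgreSQL is an assumption, and the table, role, and `app.tenant_id` setting are hypothetical.

```sql
-- Constructed schema: table, column, role and setting names are hypothetical.
CREATE TABLE orders (
    id        bigserial PRIMARY KEY,
    tenant_id uuid NOT NULL,
    title     text NOT NULL
);

-- Enable row-level security; FORCE applies the policy to the table owner too.
ALTER TABLE orders ENABLE ROW LEVEL SECURITY;
ALTER TABLE orders FORCE ROW LEVEL SECURITY;

-- current_setting(name, true) yields NULL when the setting was never set, and
-- an empty string after a SET LOCAL has been rolled back or committed.
-- NULLIF folds both cases to NULL, so the predicate is NULL and no row matches.
CREATE POLICY tenant_isolation ON orders
    USING (
        tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid
    )
    WITH CHECK (
        tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid
    );

-- The application connects as a role that cannot bypass the policy.
-- Superusers and roles with BYPASSRLS are not subject to row-level security.
CREATE ROLE app_user NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT ON orders TO app_user;
GRANT USAGE ON SEQUENCE orders_id_seq TO app_user;

SET ROLE app_user;

-- Query issued with no tenant context: the policy filters out every row.
SELECT count(*) FROM orders;

-- Per-request pattern: bind the tenant for the duration of one transaction.
BEGIN;
SET LOCAL app.tenant_id = '11111111-1111-1111-1111-111111111111';

-- Allowed: the new row belongs to the bound tenant.
INSERT INTO orders (tenant_id, title)
VALUES ('11111111-1111-1111-1111-111111111111', 'constructed order A');

-- Only rows of the bound tenant are visible here. An INSERT carrying any
-- other tenant_id would be rejected by the WITH CHECK clause.
SELECT id, title FROM orders;
COMMIT;

RESET ROLE;
```

A reviewer assessing a claim like this one can ask which role the application connects as and confirm it is neither the table owner without `FORCE` nor a role with `BYPASSRLS`.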
5. AI processing
Some pipelines invoke a large language model to perform extraction, classification, or summarization. The platform supports two configurations:
- Cloud inference: text or images are sent to a managed inference API operated by an established provider. That provider operates under a data-processing agreement that prohibits training on customer data and requires deletion after a short retention window.
- On-prem inference: a customer can elect to run inference on a model hosted within a customer-controlled environment so that document contents never leave the firm's infrastructure.
In neither configuration does Limelyte use customer documents or extracted data to train models for any other customer or any other purpose.
6. Audit logging
The application records an audit log of meaningful actions — user sign-in, order creation, document upload, field override, opinion generation, package export, configuration change — with actor, timestamp, and the resource affected. Audit logs are retained for the lifetime of the firm's account and available to firm administrators on request.
7. Vulnerability and dependency management
Production dependencies are scanned for known vulnerabilities on every build. High-severity findings are tracked and remediated according to severity. Operating-system base images for production containers are refreshed regularly. We follow responsible-disclosure practice with researchers who report findings to security@limelyte.com.
8. Backups and durability
The primary database is backed up daily with point-in-time recovery for the most recent retention window. Document files are held in highly durable, cross-zone-replicated object storage. Backups are encrypted at rest and stored in the same U.S. region as the primary data.
9. Incident response
We maintain an incident-response procedure that defines severity levels, roles, communication paths, and customer-notification timelines. Confirmed incidents that affect a customer's data are reported to the affected customer's account administrator without undue delay, and in any event within the timeline required by applicable law.
10. Business continuity
Application services are deployed across multiple availability zones within a single region. Database backups support point-in-time recovery; document storage uses cross-zone-replicated object storage. Recovery procedures are exercised periodically.
11. People and process
Limelyte personnel sign confidentiality obligations on hire and complete security-awareness orientation. Access provisioning and de-provisioning follow a documented process. Changes to production systems flow through code review and a controlled deploy pipeline; production access is monitored and logged.
12. Subprocessors
The platform relies on a small number of subprocessors for hosting, email, payments, and AI inference. A current list of subprocessors and their roles is available on request. We will notify account administrators of material changes to the subprocessor list.
13. Contact
Security reports, questionnaire requests, or vulnerability disclosures:
security@limelyte.com
Limelyte Technology Group, LLC
Spokane, Washington