Skip to Content
Security & TrustSecurity Overview

Security Overview

This page summarises the main security controls in Nairo’s current implementation.

It is intended for customer administrators, IT teams and security stakeholders evaluating authentication, workspace separation, document access, AI processing and review controls.

For legal, contractual or deployment-specific commitments, refer to the applicable agreement, data processing terms and security materials provided by Nairo.

Security principles

Nairo is designed around these principles:

  • Workspace separation - customer data is organised by workspace
  • Authenticated access - users must authenticate before accessing workspace data
  • Tenant-scoped data access - backend services resolve tenant context before tenant-aware operations
  • Human oversight - AI supports expert review; it does not replace accountability
  • Reference transparency - outputs should be reviewable against available source materials where supported
  • Controlled upload and access - documents are uploaded, processed and shared within workspace boundaries

Current security controls

AreaCurrent implementation
AuthenticationClerk-based authentication and organisation context
Workspace scopingTenant/workspace slug and tenant context on API requests
Tenant separationTenant-scoped routing and schema-based data separation
File uploadSigned URL upload flow
File storageUploaded files stored in Google Cloud Storage
Document processingAsynchronous processing after upload
Library sharingDocument and folder sharing grants within the workspace
PermissionsFocused admin/member controls, not full fine-grained RBAC across every feature
AI executionAssistant, Projects and Insight Table use backend-managed execution; Experts and Actions may use client-side Gemini calls where configured
EncryptionApplication-level encryption for selected value stores where configured
Retention UINo self-serve customer retention policy UI today

Authentication

Nairo uses Clerk for user authentication, organisation membership and session management.

Users must be authenticated to access workspace application routes and protected API operations.

A user’s access depends on their organisation membership, active workspace context, assigned role and enabled permissions.

For user administration, see Users and Roles.

Workspace scoping

Each customer workspace is associated with tenant context.

Workspace context is resolved using the tenant or workspace slug. Frontend API requests include tenant context, and backend services resolve the active tenant before executing tenant-aware operations.

Nairo uses tenant-scoped routing and schema-based data separation for tenant-aware backend services.

For more detail, see Tenant Isolation.

Document upload and storage

Nairo’s current document flow is upload-based.

Documents can be uploaded into the Library, Projects and supported product surfaces.

The upload flow uses signed URLs. Uploaded files are stored in Google Cloud Storage and then processed asynchronously for AI-assisted review.

Processing may include extraction, parsing, chunking, embedding or other preparation steps required by the relevant product surface.

Users should confirm that documents have finished processing before relying on them in review work.

For more detail, see Data Handling.

Document access and sharing

Library sharing supports document and folder access grants within a workspace.

Folder sharing may provide inherited access to documents inside the shared folder.

This sharing model is separate from general route-level permissions. A user may have access to the Library surface but only see the documents or folders available to them.

Customer administrators remain responsible for deciding which users should have access to sensitive materials.

Encryption and data protection

Nairo includes application-level encryption capabilities for selected sensitive value stores where configured.

Where enabled for those selected stores, encryption uses AES-256-GCM.

This should not be interpreted as universal field-level encryption across every database table, document, metadata field or product surface.

Broader encryption controls, including transport-layer security, database encryption at rest and object storage encryption, depend on the deployment infrastructure, cloud configuration and contractual commitments.

These should be confirmed as part of the customer’s security and procurement review.

AI security considerations

Nairo uses AI across surfaces such as Assistant, Projects, Experts, Actions and Insight Table.

Model execution differs by surface and configuration.

In the current implementation:

  • Assistant uses backend-managed model execution
  • Projects use backend-managed model execution for the Project Assistant
  • Insight Table execution is backend-managed
  • Experts and Actions may use client-side Gemini calls where configured

Internet search may be available for Assistant conversations where enabled. It should not be assumed to be enabled globally across all surfaces.

AI outputs are not guaranteed to be correct. Important decisions require human expert review.

For more detail, see Model Providers and AI Usage and Human Review.

Logging and auditability

Nairo maintains operational and workflow records in selected areas of the product.

The current implementation includes audit-style records for certain workflows and access events, such as document sharing and selected processing operations.

Customers should not assume there is a single customer-facing immutable audit portal covering every user action and AI interaction today.

For audit-oriented workflows, teams should define which outputs, notes and records must be retained in their own governance process.

What Nairo does not provide today

The following are not available as self-serve capabilities in the current application UI:

  • Configurable data retention policies
  • Self-serve data residency configuration by customer
  • Workspace-wide model policy configuration
  • Self-serve BYOK or BYOM configuration
  • Fine-grained enterprise RBAC across every product feature
  • A single customer-facing immutable audit log viewer

Organisations should address these requirements through contractual terms, internal policy and supplementary controls where needed.

Getting started

Review this overview with your information security team alongside Subprocessors, Data Handling, Tenant Isolation and your contractual data processing terms with Nairo.