Trust, stated honestly.
Scopes, redaction, audit, indexing posture, compliance roadmap, and incident handling — in one place.
What we read
Project shape — graph, structure, decision and lesson candidates. Not source contents by default.
What we store
Stream events, Atlas nodes and edges, citations, and Capsule manifests. Encrypted at rest.
Scopes
Personal, project, team, client, agent-visible. Boundaries enforced in product.
Redaction
Author-visible diff between source slice and recipient view. Capsules and cross-scope promotions both.
Audit
Promotions, opens, revocations, and agent actions logged. Exportable to SIEM.
Local-only mode
Available on Enterprise. No calls to ContextStream cloud during indexing or recall.
Where we are. Where we're going.
SOC 2 Type II
Type II audit underway. Scope and timeline available under NDA for prospective Enterprise customers.
GDPR
Standard DPA. EU-region storage available on Team and Enterprise.
HIPAA / FedRAMP
Not in scope today. Talk to us if you need a compliance sponsor on the roadmap.
Need a deeper conversation?
DPA, security questionnaire, architecture review, procurement support.