Security posture

How we protect your data.

We do not have SOC 2 or SSO yet. Here is what we do have, and what we do not have, in plain English.

What we do today.

  • Encryption at rest

    Neon Postgres encrypts every row at rest by default. Backups are encrypted too.

  • TLS in transit

    HTTPS on every public endpoint. Internal service-to-service calls go over TLS inside Vercel's private network.

  • Role-based access control

    Owner, Editor, Viewer. 60+ route guards enforce the split server-side, not client-side. Audit log on every invite and setting change.

  • Least-privilege IAM

    Every Vercel serverless function runs with the minimum scope it needs. No shared admin keys.

  • Stripe for payments

    We never touch your card number. Stripe handles PCI DSS compliance end-to-end.

  • Passwordless magic-link auth

    Primary auth is a signed magic link delivered via Resend. Password flows exist but are secondary. No password reuse, no "password123" problem.

What we do not have yet.

We are a bootstrapped, solo-founder company. These ship when the customer base justifies them. Until then, zero marketing dust over the gaps.

  • SOC 2 Type II. Planned once we hit the ARR threshold that justifies the audit.
  • SSO / SAML. SSO available from the Business tier is a common ask; it is not yet built.
  • MSA. We ship public Terms of Service. Custom MSAs come with Agency contracts if needed.
  • BAA / HIPAA posture. We do not sign BAAs and will not for the foreseeable future. If you handle PHI, use a HIPAA-compliant alternative.

Who is behind this.

Real company. Real founder. Public corporate identity for anyone doing trust diligence on us.

Legal entity: AI Sightline LLC
State of formation: Arkansas, United States
Registered agent: Northwest Registered Agent, LLC
Mailing address: 701 South St. Ste 100, Mountain Home, AR 72653
Founder: Mac (solo)
Domain registered: 2026-03-15
Public registration: Arkansas SOS search

Domain WHOIS uses standard registrar privacy protection. The corporate identity above is the verifiable public record and can be looked up directly via the Arkansas SOS search.

Security question?

Email aisightline@gmail.com. The founder reads every message. Expected response time: 24 hours.