Legal

Data & Security Addendum

Effective: 2026 · Version 1.0

This Addendum describes how WorkEquation approaches secure ingestion, access controls, AI usage, tenant isolation, and security for client engagements.

01. Zero-PII preference

WorkEquation is designed to focus on operational metadata — SLAs, KPIs, invoices, contract terms, governance artifacts — and to avoid unnecessary customer PII. Clients are asked to remove or limit personal, sensitive, or regulated data prior to upload.

02. Concierge Ingestion

WorkEquation supports secure Concierge Ingestion through a permissioned upload environment or read-only access pathway. Typical folders include MSAs, SOWs, SLA reports, QBR decks, invoice summaries, and KPI exports.

03. Least privilege

Access is granted to the minimum personnel necessary to deliver the engagement, with role-based access, MFA, and time-bounded credentials.

04. Tenant isolation

Each client's data is isolated logically and by access control. No cross-client analytics or benchmarking is performed without explicit consent.

05. LLM usage

WorkEquation uses AI-assisted workflows to extract, normalize, and analyze operational artifacts. Where LLM workflows are used, WorkEquation is designed to minimize sensitive data exposure and can support zero-data-retention API configurations or client-approved AI processing paths where required.

06. Security limitations

WorkEquation does not currently advertise SOC 2 Type II, ISO 27001, or other certifications. We will not overclaim certifications we do not hold. Additional security controls can be discussed for specific engagements.

07. Trust Packet

Procurement and vendor-risk teams may request the WorkEquation Day-1 Trust Packet. See the Trust & Security page or contact info@workequation.ai.

The text on this page is structured boilerplate. Final legal text will be reviewed and published by counsel for CatalystIQ LLC.