Trust at Read the Room.
We're early access. This page is the honest version of our security posture: what we have today, who we partner with for infrastructure, what we don't have yet, and what's on the roadmap. Everything below is true at the date this page was last updated.
LAST UPDATED · 2026-05-25 · OWNED BY FOUNDER
Your scenario data never leaves audited infrastructure.
Read the Room runs on three vendors, each independently audited for security. We don't operate our own data centers. Your data lives entirely on infrastructure that has been formally certified.
What's actually true about our security.
These are practices we've implemented and can demonstrate today. Not roadmap items, not aspirations.
- [✓]Encrypted in transit (TLS 1.3) on every connection
- [✓]Encrypted at rest (managed by our cloud platform and database providers)
- [✓]Role-based access controls: every action attributed and audit-logged
- [✓]Every decision, inject, deliverable, and export is timestamped and exportable
- [✓]Daily automated backups (managed by infrastructure providers)
- [✓]Two-factor authentication required on all admin and operator accounts
- [✓]Principle of least privilege for internal access (founder-only today)
- [✓]No customer data is used to train AI models; our AI provider operates with zero data retention
What we're working toward.
Some certifications take 6–18 months to obtain and cost $30k–$2M. We're pursuing them on a buyer-driven timeline. Listed here so you can make procurement decisions with eyes open.
Security questions get a same-day answer.
Procurement requirements, DPA review, specific compliance questions, or vendor-due-diligence packages. Request a demo and the founder will respond directly within 24 hours.
This page reflects our security posture as of 2026-05-25. We update it when the underlying reality changes. If you find something here that doesn't match what we tell you on a call, the call is wrong, not the page.