Security Overview

Roundtable AI is built for people who have real conversations with AI — engineers, researchers, and teams. Keeping those conversations private and secure is fundamental to the product. Here's how we approach it, in plain terms.

Infrastructure

• We run on established cloud infrastructure (Amazon Web Services) in isolated environments.
• Our infrastructure is managed as code, and every change is peer-reviewed before it ships.

Protecting Your Data

• Encryption: Your data is encrypted in transit and at rest.
• Secrets: AI provider credentials, payment keys, and signing keys are kept in a managed secrets vault, and our services get only the narrow, audited access they need.
• In the browser: Our application is served over HTTPS with HSTS, plus standard browser protections against clickjacking and content-type sniffing.
• Backups: We take automated backups so your conversation history and account data can be recovered.

Application Safeguards

• Conversation transcripts are normalized before they're sent to AI providers, which helps guard against prompt-injection across agents.
• Access between our own services follows least-privilege principles — each part of the system can reach only what it needs.

Monitoring & Response

• We monitor our systems for anomalies and investigate issues promptly. If an incident affects you, we'll communicate it.
• We keep our dependencies up to date and apply security patches as they're needed.

Your Part

Security is a shared responsibility. You can help by:

• Using a strong, unique password (or your organization's SSO).
• Limiting who can see sensitive conversations, and exporting data responsibly.
• Reporting anything suspicious to security@round-table.ai — we aim to respond promptly.

We welcome security questions and due-diligence requests from prospective customers — reach out to security@round-table.ai and we'll help.