Scope AGI logoScope AGI logo
Scope AGI

Security & Privacy at Linse

We combine modern encryption, least-privilege access, and transparent auditing so you can trust Linse with sensitive work.

Holographic security shield with center lock and connecting nodes.

Security is woven into every layer of Linse—from infrastructure and model routing to the way we log activity. This document outlines the safeguards in place today.

Infrastructure protections

Linse runs on isolated, SOC2-compliant infrastructure with continuous monitoring and automated patching.

  1. 1

    Encryption by default

    All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Keys are managed through a dedicated KMS with strict rotation policies.

  2. 2

    Segregated environments

    Production, staging, and development environments are isolated. Customer data never leaves production.

  3. 3

    24/7 monitoring

    Anomaly detection alerts our security team to suspicious access patterns or infrastructure drift.

Access controls

We apply the principle of least privilege for both Linse users and Scope AGI staff.

  1. 1

    Granular workspace roles

    Assign Viewer, Editor, or Admin rights. Privileged actions (export, delete, invite) require Admin approval.

  2. 2

    Single sign-on & MFA

    Support for SAML, Google Workspace, and Microsoft Entra ID. Enforce MFA for all teammates with one toggle.

  3. 3

    Scoped support access

    Scope AGI support teams access data only when you request it, and all access is logged for your review.

You can generate access logs anytime from Settings → Security Logs.

Model & privacy guarantees

We route prompts through vetted models and never use your data to train public models.

  1. 1

    No customer data in public training

    Linse uses customer data solely to serve your workspace. We do not sell or share it with third parties.

  2. 2

    Model choice transparency

    Pick the providers you trust (Scope Core, Anthropic, OpenAI, or your own endpoint). We display which provider handled every response.

  3. 3

    Incident response

    Formal runbooks ensure notification within 24 hours if an event impacts your data. Post-incident reports include remediation steps.

Need a security review?

Request our latest security whitepaper, compliance reports, or schedule a technical deep dive with our team.

Contact security