HR AI

Security-conscious controls for HR data workflows

Security

Privacy by design — not just by policy. KYBN is built so teams can review locally, upload intentionally, and delete confidently.

The KYBN Trust Loop

  • Local-first review and masking steps before cloud generation where supported.
  • User-controlled uploads for report generation and support files.
  • User-deletable datasets and generated outputs after upload.
  • Full lifecycle traceability for upload, generation, and deletion events.
  • Customer-uploaded datasets are never used to train or fine-tune foundation models.

Retention and deletion controls

Data deletion is a real product workflow in KYBN, not just a policy page. Review retention windows, user-triggered deletion behavior, and current deletion request guidance in one place.

See Data Deletion policyOpen Data Lifecycle

Core Controls

  • HTTPS transport for web and API traffic in production environments.
  • Role-based access controls for plan and admin capabilities.
  • Operational logging for report generation, data checks, and support events, with PII masking in logs.
  • Configuration and secrets managed outside source control.
  • Least-privilege access for admin workflows.
  • Retention controls and deletion workflows for customer data.
  • Incident handling through a ticketed support process.

Deletion in KYBN means removal from active application storage and product access paths, while retaining minimal lifecycle metadata for traceability.

For more information about data handling and deletion requests, see Privacy and Data Deletion .