
// trust

How we handle your data, your code, your customers.

Written for the procurement reviewer, the compliance officer, and the CTO who need a defensible answer before the engagement starts. We’re honest about what we’ve built and what we haven’t yet.

Where your data lives

Every Maqro AI engagement runs on your infrastructure — your cloud account, your databases, your application stack. We do not host your data on Maqro-controlled servers as a matter of default policy. The agents we build read from your systems of record and write back to your systems of record. Inference happens through model providers you select (Anthropic, OpenAI, Google, Azure, AWS Bedrock, or self-hosted open-source) under your account, on your billing relationship, with your retention controls.

Model training

We do not train models on your data. Maqro AI does not collect, retain, or use customer data to fine-tune any model we ship. Model providers operate under their own terms; we configure your integrations to use the no-training tiers (Anthropic Workbench, OpenAI API with zero-retention enrollment, Azure OpenAI Service with the data-handling opt-outs) wherever your contract requires it.

Code & intellectual property

You own what we build. Source code is delivered to your repository at the start of the engagement and stays there. Prompts, evaluation suites, test fixtures, and any custom retrieval indices we create are yours. There is no Maqro-owned platform you become dependent on, no proprietary runtime you must keep paying for to use what we shipped, no clause that lets us reuse your specific implementation with a competitor.

PHI, PII, and regulated data

For engagements that touch protected health information (PHI), payment card data (PCI), personally identifiable information (PII), or other regulated categories:

  • We sign Business Associate Agreements (BAAs) for HIPAA-covered work before any protected data reaches our development environment.
  • We sign Data Processing Agreements (DPAs) under GDPR / state privacy laws on request — ours or yours.
  • We use defense-in-depth controls during development: a PHI-pattern pre-commit hook that blocks accidental leakage of protected identifiers into commits, and scoped access to only the data needed for the specific build.
  • For sensitive engagements, we work entirely within your environment via short-lived credentials — no production data leaves your perimeter.

Authentication & access during the build

We work behind your existing access controls — SSO, role-based permissions, VPN, IP allowlists. We do not request standing admin credentials. Where production access is needed (e.g., to validate an integration), we use your existing approval workflow with audit-logged sessions. When the engagement ends, every credential issued to Maqro is revoked.

Contracts we’ll sign

  • MSA — ours or yours.
  • NDA — before the audit conversation if scope warrants it.
  • DPA — for GDPR, CCPA, and equivalent state regimes.
  • BAA — for HIPAA-covered engagements.
  • SOW — per engagement, with the fixed-quote scope and acceptance criteria written into the document.
  • Right-to-audit — we’ll agree to reasonable audit clauses for regulated buyers.

What we have not attained yet

We do not currently hold a SOC 2 Type 2 attestation. We do not currently hold ISO 27001. For most ops-heavy buyers these aren’t prerequisites; for buyers where they are, we’ll be transparent about that gap up front and discuss whether a scoped engagement still fits. We are also not a HIPAA-certified entity (HIPAA does not work that way), but we sign BAAs and operate accordingly.

Questions before the audit

Send the security questionnaire — we’ll fill it out before our first real conversation, not after. If your team has specific posture requirements we haven’t covered here, ask. We’ll either show you what we already do or tell you honestly that we don’t.

Ready to start with the security review?

Email connect@maqroai.com with your security questionnaire, or book the free 45-min audit and we’ll walk through your requirements together.
