Security posture

Security is architectural.

AirCEO handles financial and operational data. The platform is designed to keep customer data scoped, isolated, encrypted, and access-controlled from day one.

Read-only by default · Tenant-isolated · Encrypted in transit and at rest
Operating summary
How AirCEO handles customer data.
Current posture
Connections
OAuth, where supported.
Write access
No; read-only by default.
Processing scope
Per tenant, not cross-customer.
Default system access
Least-privilege, restricted to required operational support.
Stored data
Encrypted at rest using standard infrastructure mechanisms.
Transit protection
TLS for data in transit.
AI processing
Used to transform reconciled outputs into plain-English explanations only.
Role permissions
CEO or account owner can manage permissions; role access is scoped by function.
Read-only by default
AirCEO connects to supported systems using OAuth where available. The platform does not write to, modify, or delete records in HubSpot, Xero, or QuickBooks.
Encryption
Data is encrypted in transit using TLS. Data stored by AirCEO is encrypted at rest using standard mechanisms provided by our infrastructure.
Access controls
Least-privilege access is applied internally. Access is restricted to what is required to operate, support, and maintain the service.
Tenant isolation
Customer data is logically isolated by tenant. AirCEO does not use one customer's data to analyse another customer's environment.
Role-based access
AirCEO applies role-based access controls so users only see the level of information appropriate to their role. A CEO or account owner can access CEO-level views and manage permissions. Functional leaders such as a CRO are limited to the parts of the product relevant to their role.
No cross-customer learning
AirCEO does not cross-pollinate customer information, learn from one customer's private data to improve another customer's outputs, or use customer environments as a shared reasoning pool. Each customer environment remains separate.
Encrypted customer data
Customer data stored by AirCEO is encrypted at rest. AirCEO staff do not have routine plain-text access to customer data as part of normal operations.
Scoped AI processing
Any AI processing is performed on a per-customer basis using that customer's own reconciled outputs and configuration. Customer data is not used to train generalized models.
AI processing boundaries

Plain-English explanation, not black-box decisioning.

AirCEO may use third-party AI services to transform reconciled outputs into plain-English explanations. Outputs are derived from your data and your configuration only. Customer data remains tenant-scoped, is not cross-pollinated between customers, and is not used to train generalized models.

1. Reconcile
Data is pulled from supported systems and scoped to your tenant only.
2. Compute
Deterministic logic evaluates boundaries, thresholds, receipts, and role-appropriate visibility.
3. Explain
AI may convert those outputs into narrative. It does not replace the underlying calculation layer or mix customer data across tenants.
Availability model

Built seriously. Honest about dependency boundaries.

The service is provided on an “as is” and “as available” basis. AirCEO depends on third-party systems, including HubSpot and Xero or QuickBooks, and cannot guarantee uninterrupted uptime of those systems or their APIs.

Source systems
Availability depends partly on the uptime and API health of connected platforms.
Service posture
AirCEO is designed for resilience, but does not promise uninterrupted operation.
Transparency
This page describes general posture only. It is not a certification, warranty, or guarantee.
Trust doctrine in practice

Security posture should support trust, not replace it.

AirCEO's product doctrine remains the same: if the platform cannot show source, scope, time, assumptions, and calculation method, it should not say it. Security and trust work together.

Source
Every surfaced conclusion ties back to underlying systems.
Scope
Time windows and coverage are explicit, not implied.
Assumptions
Declared thresholds and logic remain visible.
Method
The calculation path is explainable, not hidden behind scoring magic.
Permissions
Role-based visibility ensures executives and functional leaders see only what matches their remit.
Segregation
Customer environments remain separate, with no cross-customer learning or cross-pollination.
