Built to minimize data — not collect it
Solvren defaults to redaction, envelope encryption for secrets, customer-controlled access, and auditability — so security reviews focus on controls, not on another full copy of your business.
Solvren works on signals and metadata — not your source-of-truth data.
Solvren does not require your source-of-truth data.
- Metadata
- System events
- Derived signals
- Raw customer data
- Financial systems
- Full payload storage
Built to minimize data — not collect it
Solvren is designed to operate without requiring sensitive data. We minimize what we ingest, store, and process by default.
What happens to each class of data
No standing employee access to your tenant data by default.
Customer administrators grant support access when needed. Approvals are time-limited, scoped, and logged — with break-glass paths documented for true emergencies.
Modern cryptography for data at rest and credentials in flight.
Secrets use envelope encryption with key versioning. We design away plaintext credential storage so integrations stay trustworthy.
Read-only by default; write-back is an explicit decision.
Scopes are visible in-product. Write paths require explicit enablement so security teams can reason about blast radius before go-live.
Approval can be blocked when required safeguards are missing.
Critical changes do not advance simply because someone clicked approve. Required evidence stays visible and enforceable until resolved.
Every meaningful action has a narrative and a system record.
Timelines, delivery state, and operational queues give teams a credible story of what happened, who acted, and what still needs attention.
Data flow (simplified)
- Your systems → read-only connectors (sanitized operational events).
- Solvren processing → policy checks (`assertPrivacyPolicy`), no raw payload persistence.
- ROI & dashboards → estimates with explicit provenance; not audited financials.
- Write-back → off by default; audited when enabled.