Trust
Security
Last updated July 10, 2026
We are a beta-stage company and say so plainly here rather than claiming certifications we do not hold yet. This page states what is actually true about how Cadence is built.
Access and authentication
Sign-in is handled through our managed authentication provider. Sessions are bound to your account, and every request to backend data is authorized server-side. Workspace membership controls who can read or change data, and roles (owner, admin, member, viewer) gate sensitive actions such as inviting members or transferring ownership.
Workspace isolation
Every workspace's data lives in its own row-level-security-scoped rows in a shared Postgres database (Supabase). One workspace's rows are not queryable from another's session, enforced at the database layer, not just the application layer. Billing identifiers and invitation tokens are restricted to server-side roles and are never exposed to other members.
Secrets and encryption
Connection credentials and API keys you bring into Cadence are encrypted before being stored. Decryption happens only inside server-side code paths. Data in transit uses TLS provided by the hosting platform.
Connector scopes
Every connected source (GitHub, Slack, Linear, and similar) uses that provider's OAuth flow with the minimum scope the feature needs, shown to you before you grant it. Tokens are encrypted at rest. Disconnect any source anytime from Settings; access ends immediately.
The merge gate
Agents can draft, propose, and build, but nothing merges, ships, or takes an irreversible outward action without a human approval through the real approval flow. This is a fixed floor, not a setting that can be dialed away.
No training on your data
Your product's decisions, specs, and code are not used to train a shared model. See the privacy policy for the full statement.
Who processes your data
Cadence relies on infrastructure and AI providers to deliver the product, and on third-party services that you explicitly connect (for example a code repository or calendar). The full, live list of sub-processors and what each one receives is public at the sub-processor disclosure. Connections you create are scoped to your workspace, and you can disconnect them at any time from Settings.
Retention and deletion
You can delete data you have created (workspaces, products, documents, signals) from inside the app, and export your data in open formats from Settings. Account deletion or data export requests can also be made through the contact address on your account.
Reporting a concern
If you find a security issue, tell us before you tell anyone else. Reach us through the contact address on your account. We will acknowledge real reports and keep you posted as we fix them.
What we are not claiming yet
We do not currently hold a SOC 2 or ISO 27001 certification. If your evaluation needs one, tell us. It tells us where to invest next, and we would rather hear it than have you assume otherwise.