Trust isn't a feature.
It's the floor.
Nine principles. One operating philosophy.
Every principle is verifiable. Architecture diagrams, audit summaries, and procurement documentation are available under NDA.
No external LLM providers. No third-party data processors. No shared tenants.
Infrastructure
Application and AI compute run on AWS in US East (us-east-1). All customer data is stored in EU Frankfurt (eu-central-1). Operating systems, databases, AI models, and access controls are operated by Mining Terminal. No customer data is processed by external SaaS providers, managed AI APIs, or third-party data processors.
AI processing
Nara runs on open-weight models hosted on dedicated GPU instances inside the Mining Terminal environment. Customer queries are not transmitted to OpenAI, Anthropic, Google, or any other external AI provider. Prompts, retrieved documents, and outputs remain on Mining Terminal infrastructure.
Customer isolation
Each customer is provisioned a dedicated database instance with its own process, storage volume, credentials, backup schedule, and encryption key. On contract termination, the customer’s database is decommissioned in full, at the instance level, not the row level.
Source traceability
Every datapoint is linked to its primary source: the page of the technical report, the line of the MD&A, the slide of the corporate presentation, the paragraph of the regulatory filing. All outputs are independently verifiable by the customer.
Data governance
Mining Terminal does not sell, rent, or share customer data. No advertising trackers, third-party analytics, or data brokers are used. Customer-specific data, watchlists, saved notes, model outputs, institutional configurations, is the property of the customer and is returned or destroyed on contract termination.
Authentication & access
SAML 2.0 SSO with Okta, Azure AD, and Google Workspace. Role-based access controls at the workspace level. Session timeouts, rate limiting, device-level audit logs. API access via scoped tokens with rotation and revocation.
Data handling
TLS 1.3 in transit. AES-256 at rest. Customer-managed encryption keys available on the enterprise tier; Mining Terminal cannot decrypt customer data without customer-held key material. Backups configured per customer, with point-in-time recovery. RTO and RPO targets available under NDA.
Security review
Access controls, data pipelines, and infrastructure are subject to continuous internal review. Sessions are encrypted, rate-limited, and time-bound. Third-party penetration testing is conducted annually.
Vulnerability disclosure
Security researchers may report vulnerabilities to security@miningterminal.com. Reports are acknowledged within 48 hours; coordinated disclosure conducted in good faith. PGP key available on request.
Available to institutional procurement teams on request.
Write to security@miningterminal.com with your procurement contact. We return signed materials within two business days.
Request documentation →