Security and trust

Built for documents that need evidence, owners, and review.

Helvabase makes the trust layer visible: what source supports an answer, what remains unresolved, and who approved the output.

Source state before generation

Users see freshness, parser warnings, missing metadata, and caveats before a draft is trusted.

Secrets stay server-side

Snipara credentials, OAuth secrets, and email credentials are configured as server-only environment variables.

Snipara remains source of truth

Helvabase stores workflow state around Snipara rather than duplicating document indexing or retrieval.

No Helvabase model training

Customer documents are used to operate the requested workspace workflow, not to train Helvabase-owned models.

Deletion and retention controls

Pilot workspaces can request source removal and workspace deletion; production retention periods are handled as part of customer onboarding.

Subprocessor review

DPA, subprocessor, and data-location details are prepared for buyer review before sensitive production onboarding.