Security built into
every layer.

We design Essel so that the smallest possible set of people and systems can reach your data, and only for as long as a task needs it. Security is part of how we build features, review changes, and operate infrastructure, not a step we bolt on at the end.

• All traffic to and from Essel is encrypted in transit with TLS.
• Data at rest, including your content and database records, is encrypted using industry-standard algorithms.
• Integration credentials and API keys are encrypted before storage and decrypted only at the moment a task needs them.

• Access to production systems is limited to authorized personnel on a need-to-know basis.
• Internal access requires strong authentication and is logged.
• Each workspace is isolated, so one customer's data is never exposed to another.
• API keys you create are shown once and can be revoked at any time.

Essel runs on reputable cloud providers that maintain certified, physically secure data centers. We separate environments, keep dependencies patched, and automate deployments so changes are consistent and reviewable. Backups are encrypted and tested so we can recover from failures.

We send only the prompt and context a task needs to our AI providers, under contracts that prohibit using your data to train their models. Generated drafts are stored in your workspace, where you control revisions and publishing.

• We monitor systems for unusual activity and errors around the clock through automated tooling.
• We maintain an incident response process to investigate, contain, and resolve issues quickly.
• If a breach affects your data, we will notify you without undue delay and within the timeframe the law requires.

Security is shared. You can protect your workspace by:

• Using a strong, unique password and enabling single sign-on where available.
• Granting integrations only the access they need and disconnecting any you no longer use.
• Rotating API keys periodically and storing them in a secret manager.
• Reviewing who has access to your workspace.

If you discover a security issue, email [email protected] with the details and steps to reproduce. We investigate every report, keep you updated, and ask that you give us a reasonable window to fix the issue before disclosing it publicly. We do not pursue legal action against good-faith research conducted under these terms.

For any security question, reach the team at [email protected].