Security Posture for MemFlair-Backed Engagements

Practical summary for security and engineering reviewers. The full questionnaire packet is available on request—nothing sensitive ships until your team is comfortable with processors, retention, and known v1 gaps.

Request the Security Questionnaire Packet
Security-focused data flow diagram for MemFlair-backed engagements: sources, processing components, storage, and LLM routing
High-level view of how data moves during a sprint. Your counsel and ours govern final processing characterization in contract exhibits.

Data flow overview

Approved sources feed ingestion and normalization. Context items receive trust labels and provenance. Retrieval serves workflow-scoped bundles to practitioners and measurement systems. LLM routing is configurable; embeddings have a known v1 posture described below.

Processor posture

In the default deployment, MemFlair relies on processors including OpenAI (embeddings), Pinecone, Postgres, object storage (S3/R2), Clerk, and Fly.io. Self-hosted Unstructured is part of the MemFlair deployment boundary—not a separate third-party processor in the v1 default path. LLM inference can be MemFlair-managed or routed to customer-controlled endpoints where supported.

LLM routing

MemFlair-managed Anthropic Claude remains the standard default for early platform-backed pilots. BYO-LLM can be scoped where supported, allowing inference to route through your Anthropic, OpenAI, Azure OpenAI, or AWS Bedrock account. Embeddings remain MemFlair-managed in v1. BYO-LLM can reduce MemFlair's role in the inference path, but exact legal and processing characterization belongs in counsel-reviewed agreements for your facts.

Known v1 gap: embeddings

Even when you BYO-LLM for chat completions, embeddings remain MemFlair-managed in v1. Customer text used to generate embeddings leaves your environment for that step. If this is a blocker, we say so early—before you invest in a sprint.

Tenant isolation

  • Single-tenant deployment per paying customer or design partner workspace.
  • Workspace-level separation of data and configuration.
  • One Pinecone namespace per workspace in v1.
  • One Postgres database per workspace in v1.

Retention and deletion

  • Raw source artifacts: 90 days after last use by default.
  • Bundle responses: 30 days default, configurable to 0.
  • Audit logs: retained at least 365 days.
  • Workspace deletion endpoint purges Postgres, the Pinecone namespace, the object storage prefix, and audit references for that workspace, subject to any legal hold process you invoke separately.

Known gaps

  • No SOC 2, ISO 27001, or HIPAA certification in v1.
  • No third-party penetration test report on file yet.
  • Formal enterprise security readiness matures after early design partners.

Request the Security Questionnaire Packet

Security questionnaire packet available before any data is shared. It covers data flow, processors, tenant isolation, access controls, retention, deletion, and known v1 gaps. There is no public direct download of the full packet from this site.

Request the Security Questionnaire Packet

Prefer the Contact page for all inquiry options in one place.