Our security and privacy principles:
Your data never trains anyone else's model
Every Detoil instance is isolated to your company. The data you share — your contracts, your financials, your people information — is used only to serve you. It is never aggregated, shared, or used to train models that serve other companies.
POPIA compliance
Detoil is designed and operated in full compliance with the Protection of Personal Information Act (POPIA). We act as an operator under your instruction. You remain the responsible party for your company's data.
Encryption at rest and in transit
All data is encrypted using industry-standard protocols. Communications are handled through secure, authenticated channels. Documents are stored in encrypted vaults.
Access controls
You decide who in your company can interact with Detoil and at what level. Role-based access means your bookkeeper can see financials but not employment contracts, and your office manager can initiate HR tasks but not approve them.
Audit trail
Every action Detoil takes, and every approval you give, is logged. You have a complete, immutable audit trail of every decision — which is itself a powerful governance and compliance asset.
No lock-in
Your documents, data, and records belong to you. At any point, you can request a full export of your company data in standard formats. Cancelling your subscription does not delete your records.