Discretion is the product.
This industry runs on privacy. Here is exactly how the system protects yours, in plain language, with nothing aspirational.
Access is invite-only
- No public signup exists. Every account is created by hand.
- An email allowlist backs up authentication: a valid login with an unlisted email is treated as logged out.
- The allowlist is enforced twice, at the edge middleware and again inside every server route.
Your data is isolated
- Chat history is keyed to your user with row-level security in the database.
- Answers are generated only from the vault's content. There is no cross-tenant anything.
- Your data is not used to train models.
The public site reveals nothing
- The real knowledge graph is served only behind authentication.
- The constellation on the landing page is a scrubbed derivative: re-keyed ids, generic labels, no titles, no note paths. A validator hard-fails the build if identifying strings leak into it.
- Names of models, personas and internal strategies never appear on public surfaces.
Infrastructure
- Served from Vercel's London region over HTTPS.
- Authentication and database by Supabase.
- Waitlist submissions are write-only from the public site: no public read path exists.
Ask us anything, straight
Security questions get direct answers, including "we don't do that yet." Write to sam@ovington.io.
We built the public site assuming a competitor would read every pixel of it.
We onboard a few agencies at a time.
Access stays invite-only while founding agencies onboard. Request a slot and we'll reach out when one opens.