Security
Newsrooms handle leaks, whistleblowers, and sources who trust them. Below is what we do to protect that trust at the application and platform layer.
Workspace isolation
Every team has its own workspace. Permission checks run on every API request — there's no shared cache or cross-workspace lookup that could leak data between organisations.
Granular permissions
15 role presets (reporter, editor, chief, photo editor, guest, viewer, …) × ~50 granular permissions. Each grant carries a scope: ALL (every item in the workspace) or OWN (only the user's own items). A reporter doesn't see the editor-in-chief's materials unless they are explicitly shared.
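As an added illustration of the two points above (not Narratic's code), here is a per-request permission check that combines workspace membership, a role preset and ALL/OWN scope. The role names, permission strings, membership table and materials are constructed for the example; the real 15 presets and ~50 permissions are not reproduced.

```javascript
// Added example, not Narratic's code: a per-request permission check that
// combines workspace membership, a role preset and ALL/OWN scope. The role
// names, permission strings and membership table are constructed; the real
// presets (15 roles, ~50 permissions) are not reproduced here.

// Each role maps a permission to its scope: "ALL" = any item in the
// workspace, "OWN" = only the user's own (or explicitly shared) items.
// A missing key means the permission is not granted at all.
const ROLE_PRESETS = {
  chief:    { "materials.read": "ALL", "materials.edit": "ALL", "materials.share": "ALL" },
  editor:   { "materials.read": "ALL", "materials.edit": "ALL" },
  reporter: { "materials.read": "OWN", "materials.edit": "OWN" },
  viewer:   { "materials.read": "OWN" },
};

// Constructed membership table: userId -> { workspaceId -> role }.
// A role is only ever valid inside the workspace it was granted in.
const MEMBERSHIPS = {
  "u-ana": { "ws-tribune": "reporter" },
  "u-bo":  { "ws-tribune": "chief" },
  "u-cy":  { "ws-gazette": "chief" },   // chief of a different newsroom
};

// Resolves the caller's role in the workspace named by the request. This is
// looked up fresh on every request; nothing is cached across workspaces.
function roleIn(userId, workspaceId) {
  return (MEMBERSHIPS[userId] || {})[workspaceId] || null;
}

// Decides whether userId may perform `permission` on `resource`, where
// resource = { id, workspaceId, ownerId, sharedWith: Set<userId> }.
// `requestWorkspaceId` comes from the request route; a resource from any
// other workspace is refused before its permissions are even consulted.
function authorize(userId, requestWorkspaceId, permission, resource) {
  if (resource.workspaceId !== requestWorkspaceId) {
    return { allowed: false, reason: "resource belongs to another workspace" };
  }
  const role = roleIn(userId, requestWorkspaceId);
  if (!role) return { allowed: false, reason: "not a member of this workspace" };
  const scope = (ROLE_PRESETS[role] || {})[permission];
  if (!scope) return { allowed: false, reason: `role ${role} lacks ${permission}` };
  if (scope === "ALL") return { allowed: true, reason: `${role}: ALL scope` };
  if (resource.ownerId === userId) return { allowed: true, reason: "OWN scope: owner" };
  if (resource.sharedWith.has(userId)) return { allowed: true, reason: "OWN scope: shared" };
  return { allowed: false, reason: "OWN scope: neither owner nor sharee" };
}

// Listing endpoints apply the same rule to every row, so a reporter's
// material list simply never contains the chief's unshared items.
function visibleMaterials(userId, workspaceId, materials) {
  return materials.filter((m) => authorize(userId, workspaceId, "materials.read", m).allowed);
}

// Constructed materials, all in ws-tribune.
const MATERIALS = [
  { id: "m1", workspaceId: "ws-tribune", ownerId: "u-bo",  sharedWith: new Set() },          // chief's, private
  { id: "m2", workspaceId: "ws-tribune", ownerId: "u-bo",  sharedWith: new Set(["u-ana"]) }, // chief's, shared with Ana
  { id: "m3", workspaceId: "ws-tribune", ownerId: "u-ana", sharedWith: new Set() },          // Ana's own
];

console.log(visibleMaterials("u-ana", "ws-tribune", MATERIALS).map((m) => m.id)); // [ 'm2', 'm3' ]
console.log(visibleMaterials("u-bo",  "ws-tribune", MATERIALS).map((m) => m.id)); // [ 'm1', 'm2', 'm3' ]
console.log(visibleMaterials("u-cy",  "ws-tribune", MATERIALS).map((m) => m.id)); // []
```

The workspace comparison comes first and is deliberately independent of the role lookup: a chief elsewhere holds no role here, and even a valid member cannot reach a resource by naming it under a different workspace route.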
AI data policy
AI features call OpenAI and Anthropic under their enterprise terms — your materials are never used to train models. Every chat session is logged with attachments and per-call cost so you can audit who asked what.
Auditable AI answers
Every AI response is grounded in specific materials you attached. The chat UI shows which sources the model saw — fact-checking is reading the citation chips, not the whole pipeline.
Encryption
- In transit — HTTPS only (HSTS preload), TLS 1.3 where the client supports it.
- At rest — PostgreSQL on Digital Ocean managed disks, encrypted at the volume layer (this protects a disk that is lost or reassigned, not data read through a compromised database credential); backups encrypted with rotated keys.
- Auth — short-lived JWT access tokens (15 min). The refresh token lives in an httpOnly, SameSite cookie and is rotated on every use, so page scripts can't read it and any one token is only ever valid once.
Smaller attack surface
Field work is offline-first by design. Edits queue in the browser's IndexedDB and sync when the network returns — less data in transit means less data exposed during a flight, in a café, or on hostile wifi.
Hosting
Application and database in Digital Ocean Frankfurt (EU). No US data centres, no cross-Atlantic replicas.
Responsible disclosure
Found something? Email security@narratic.app. We will acknowledge within 72 hours and work with you in good faith. We don't have a bug bounty yet, but we credit reporters in fix notes when they want to be credited.