PatronPath

Security

Our Commitment to Security

Security and transparency are the foundation of trust. This page summarizes how we protect data in the beta environment and how we respond to issues. We emphasize data minimization, encryption by default, and operating the pilot in a tightly controlled setup.

This page is written for technical reviewers but should be clear to all readers.

Deployment (Desktop-run Beta)

During the beta, PatronPath is operated directly by our team on a secured desktop workstation to maximize control.

  • Execution: Runs on a Pantomath-owned, fully encrypted workstation (no customer hosting).
  • Data locality: Test artifacts (logs, redacted screenshots) are stored locally; no cloud compute is used for execution during the beta.
  • Delivery: Reports are delivered via email or secure file-share.
  • Data scope: No patron Personal Data is required or expected. Libraries provide test-only credentials for QA. The only personal information we process is business contact data for participating staff (e.g., name, email) to communicate about the pilot.

Data Residency & Transfers

We are a Canadian company operating the beta from Canada, and may process limited business contact data in the United States via standard productivity tools. Where a customer later instructs us to process Personal Data, our Data Processing Addendum (DPA) applies, including cross-border safeguards. Current providers are listed at /legal/subprocessors.

Encryption

  • At rest: Mandatory full-disk encryption (BitLocker/FileVault); recovery keys stored securely.
  • In transit: TLS for website, email transport (opportunistic TLS), and any file-share links.

Workstation & Network Controls

  • Auto-lock ≤ 10 minutes; strong authentication; least-privilege user for daily operations.
  • OS, browser, and firmware kept current; reputable EDR/anti-malware enabled.
  • WPA2/3-secured network; no public Wi-Fi for execution; VPN for admin tasks as needed.

Secrets & Credentials

  • Customer test credentials stored in a password manager or OS keychain; never committed to code.
  • Credential scopes are limited to what is required; credentials are rotated at pilot end or on request.
  • Credentials are never written to logs or reports.

Data Minimization & Redaction

  • Screenshots are captured only for verification or on errors, and are redacted by default for sensitive UI fields.
  • Trace events include only the technical details (URLs, selectors, status codes) needed for diagnosis.

Testing & Monitoring

  • Local run health checks with alerts on failures.
  • Regular dependency and security updates; monitoring for known vulnerabilities.

Incident Response

  • P1 acknowledge target: 1 hour; initial update target: 4 hours.
  • Customers notified without undue delay for any confirmed breach affecting Customer data, with details known at the time and planned mitigation steps.
  • Post-incident review with corrective actions shared.

Data Retention & Deletion

  • Logs: up to 90 days (beta default); screenshots: up to 30 days.
  • On pilot end or written request, Customer artifacts and credentials are deleted within 7 days; deletion confirmation provided.
  • Custom retention windows can be configured during onboarding.

Sub-processors

No sub-processors are used for test execution during the desktop-run beta. Providers used for delivery/operations (e.g., email, secure file-share, productivity tools) are listed at /legal/subprocessors. We will provide notice of changes as described on that page.

Responsible Disclosure (Safe Harbor)

We appreciate good-faith security research. Report issues to security@patronpath.io.

  • Do: avoid privacy violations or service disruption; use your own test accounts; give us reasonable time to remediate.
  • Out of scope: DDoS, rate-limit abuse, physical attacks, social engineering, automated scanning without throttle/consent.

Compliance & Privacy Alignment

We are based in British Columbia, Canada, and align our practices to PIPA (BC) and/or PIPEDA. For US customers, we honor applicable rights under state privacy laws to the extent they apply to our processing volumes. If a customer instructs us to process Personal Data, our DPA governs that processing. See our Privacy Policy for details.