Gumshoe is designed with a data-minimal approach. We do not ingest, store, or process any sensitive customer information. The only data we use are the inputs you provide (brand names, public URLs, and persona selections) and the publicly available outputs returned by the LLMs.
Our Security Practices
- Data minimized by design: No customer records, credentials, financial data, or private systems are ever accessed.
- Personas and prompts are never shared outside the customer account or used for data-harvesting, other than being temporarily sent to LLMs to generate that account’s reports.
- Compliant model interactions: We use official, approved API connections with every LLM provider.
- Strict access controls: Only authorized team members can access internal systems via role-based permissions.
- Secure cloud infrastructure: We follow industry best practices for authentication, network restrictions, and monitoring.
Because Gumshoe only works with public information and model responses, many enterprise-level requirements, which are typically tied to sensitive data, do not apply.
If your team needs additional details for a vendor review or procurement process, our team is happy to help. Just ask for a human over chat or email us at support@gumshoe.ai.