Trust center
How IKAN protects your data
IKAN runs the same codebase across every population: assignees, RMCs, vendors, and IKAN staff. The security posture is uniform too.
TLS 1.3 in transit, AES-256 at rest. Supabase Postgres + Storage, Vercel edge — both enforce encryption by default. Voice transcripts and KB embeddings live in the same encrypted column families.
Every Supabase table has Row Level Security; service-role keys never touch user-facing routes. Persona = data: junior consultants don't see surfaces they don't need (sidebar hard-hidden by IKAN-canonical staff_role).
No paid lock-ins for core inference: tesseract.js for OCR, Whisper-via-Groq for ASR, Coqui XTTS / Groq playai-tts for TTS, Postgres job queue instead of Inngest. Self-host upgrade paths documented for every layer.
Per-user DSAR endpoints (assignee + RMC + vendor portals). Audit retention rotation runs on the 1st of every month. AIRA reasoning traces are stored for 90 days, then purged.
Lease drafts, proforma invoices, and any AIRA proposal flagged sensitive route through three sequential reviewers — initiator can't self-approve, same person can't fill two slots. Spec 11 §3.
RMC tenancy is data-scoped, not infra-instanced (cleaner blast radius). Default region: Singapore (Vercel bom1 + Supabase ap-south-1). EU data residency available on request.
Compliance & audits
Disclosures
security@ikan.co.in
Responsible disclosure channel. We acknowledge within 24 hours and aim to triage within 72.