COSai

Security

Your books are not training data. Your books are not on shared infrastructure.

COSai stores financial data the way a bank handles it: per-tenant isolation, encryption in transit and at rest, OAuth-only credentials, and a full audit trail of every action the agent takes.

Data isolation

Every tenant's data is row-level isolated inside Postgres (SET LOCAL app.current_tenant + RLS policies). A query that runs without a tenant context returns zero rows by design.
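
One way to implement the row-level isolation described above, as an added example that is not COSai's own code. The table, column and policy names are hypothetical, the rows are constructed, and the session is assumed to connect as a non-superuser role without BYPASSRLS.

```sql
-- Hypothetical table and policy names; not COSai's actual schema.
CREATE TABLE ledger_entries (
    id        bigserial PRIMARY KEY,
    tenant_id uuid NOT NULL,
    memo      text NOT NULL,
    amount    numeric(12,2) NOT NULL
);

ALTER TABLE ledger_entries ENABLE ROW LEVEL SECURITY;
-- FORCE applies policies to the table owner as well. Superusers and roles
-- with BYPASSRLS still skip them, so the application must not connect as one.
ALTER TABLE ledger_entries FORCE ROW LEVEL SECURITY;

-- current_setting(name, true) yields NULL when the setting was never set.
-- After a SET LOCAL transaction ends, the same connection reports '' instead,
-- so NULLIF maps that to NULL too. tenant_id = NULL is never true, which is
-- what makes a query without tenant context match no rows.
CREATE POLICY tenant_isolation ON ledger_entries
    USING      (tenant_id = NULLIF(current_setting('app.current_tenant', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.current_tenant', true), '')::uuid);

-- Constructed sample data: one row per tenant, each written in its own context.
BEGIN;
SET LOCAL app.current_tenant = '11111111-1111-1111-1111-111111111111';
INSERT INTO ledger_entries (tenant_id, memo, amount)
VALUES ('11111111-1111-1111-1111-111111111111', 'Tenant A invoice', 250.00);
COMMIT;

BEGIN;
SET LOCAL app.current_tenant = '22222222-2222-2222-2222-222222222222';
INSERT INTO ledger_entries (tenant_id, memo, amount)
VALUES ('22222222-2222-2222-2222-222222222222', 'Tenant B invoice', 975.00);
COMMIT;

-- Tenant A's context: the USING clause filters reads to tenant A's rows, and
-- WITH CHECK rejects the attempt to write a row labelled as tenant B.
BEGIN;
SET LOCAL app.current_tenant = '11111111-1111-1111-1111-111111111111';
SELECT memo, amount FROM ledger_entries;
INSERT INTO ledger_entries (tenant_id, memo, amount)
VALUES ('22222222-2222-2222-2222-222222222222', 'cross-tenant write', 1.00);
ROLLBACK;

-- No tenant context (the pooled connection after the transactions above):
-- the policy predicate is NULL for every row.
SELECT count(*) FROM ledger_entries;
```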

Encryption

Data in transit: TLS 1.2+ everywhere, including between application and database. Data at rest: AES-256 disk encryption on managed Postgres and S3 buckets. Per-tenant DEKs wrapped by AWS KMS for the most sensitive fields.

Credentials

COSai never stores bank or accounting passwords. All connections use OAuth tokens (QuickBooks, Xero, Jobber, ServiceTitan, Plaid, Gmail, Outlook, Stripe). Tokens are encrypted at the application layer before hitting the database. Disconnecting a connector revokes the token at the provider and clears it locally.

Audit trail

Every action an agent takes is written to an immutable agent_action_log with the agent name, task, confidence score, trust-dial level, and the human approval (if any). Owners and their bookkeepers can review the full history at any time.

AI usage

COSai uses Anthropic Claude for reasoning. Your data is not used to train foundation models. We do not share tenant data with other tenants, and the agent has no cross-tenant read path.

Reporting issues

Found something? Email rico@cosai.tech and we'll respond within one business day.