Jake
Sign inSign up

Security

Jake handles your pipeline and your customer conversations, so security is foundational, not a feature. This is a plain-English summary of how we protect your data. For specifics on a particular control, reach out - we’re happy to walk a security team through it.

Your data is never used to train AI models

Jake uses large language models to extract MEDDPICC and write coaching, but your deals, transcripts, and emails are never used to train those models. Content is sent to our AI provider only to generate a result for you, under agreements that prohibit training on it and enforce zero retention. Your data is yours.

Data scoping

Every row in Jake is protected by row-level security in the database itself, not just in application code. A rep can only read their own deals, MEDDPICC, audits, and quotas. Accounts are scoped to the team; deals are scoped to the individual rep, so two reps on the same team see shared accounts but not each other’s deals. Managers get read-only visibility into their own team and nothing beyond it. These boundaries are enforced at the data layer, so a bug in the app can’t leak across them.

Integration tokens

When you connect a tool, Jake stores the access and refresh tokens needed to read from it, scoped to the minimum permissions required - read-only for CRM and email, send-only for Slack. We request no write scopes to your systems of record. Disconnecting a tool deletes its stored credentials.

Audit trail and platform controls

Administrative access is logged. Any time a platform administrator views an account on a customer’s behalf, it’s recorded in an immutable audit trail - who, when, and why - that can’t be edited or deleted from the application. Support access is time-boxed and visibly flagged in the product while active.

Application hardening

The application ships with baseline security headers (HSTS, frame-denial, MIME-sniffing protection, a strict referrer policy), rate limiting on public endpoints to prevent abuse, and authentication via magic-link sign-in. We’re building toward SOC 2, and these controls are the anchors of that work.