Skip to content
THOUGHT PATTERN AI
Products Tapestry Conclave Engram
Request a demo

Legal

Security

Thought Pattern AI, LLC
Last updated July 1, 2026

Security is not a feature we add at the end. It is part of how our systems are built. This page describes how we protect your data and how to report a vulnerability.

Contents

  1. Our approach
  2. Data protection
  3. Engagement isolation
  4. Infrastructure
  5. Data handling and retention
  6. Accountability
  7. Access control
  8. Reporting a vulnerability
  9. Contact us
Section 01

Our approach

We put alignment and safety in the architecture rather than hoping for good behavior at runtime. The same principle governs how we handle your data: sensible defaults, clear boundaries, and failures that surface where they can be caught and corrected. The practices below describe how that principle is applied in practice.

Section 02

Data protection

Data is encrypted in transit using current TLS standards and encrypted at rest. We minimize the data we collect and retain, and we separate the durable record of work from transient state so that what matters is protected and what does not is cleared.

Section 03

Engagement isolation

Every engagement is isolated. Your data, your deliverables, and the records of the work are kept within your engagement’s boundary, and one engagement is never reachable from another. Where work runs in a dedicated environment, that environment is provisioned for your engagement and is not shared across customers.

Section 04

Infrastructure

Our services run on established cloud infrastructure with managed, regularly patched platform services. We use least-privilege roles for the components that make up the Services, and we prefer managed primitives over hand-operated systems to reduce the surface we have to secure.

Section 05

Data handling and retention

We retain your data only as long as needed to provide the Services and meet our legal obligations. At the end of an engagement, your data is deleted and you receive confirmation, except where you have asked us to retain a record, which stays inside your engagement’s boundary and nowhere else. Our full data practices are described in our Privacy Policy.

Section 06

Accountability

Our systems are built to account for their own work. Where a deliverable is produced, the reasoning behind it can be traced and reviewed, and a failure can be investigated back to the step that produced it. Accountability is a security property: it means problems can be found and fixed rather than hidden.

Section 07

Access control

Access to systems and customer data is limited to the personnel who need it, protected by strong authentication, and granted on a least-privilege basis. We review access and remove it when it is no longer required.

Section 08

Reporting a vulnerability

We welcome reports from security researchers. If you believe you have found a vulnerability in our Site or Services, please email hello@thought-pattern.com with the subject line “Security” and enough detail for us to reproduce the issue. Please give us a reasonable opportunity to investigate and remediate before public disclosure.

We will not pursue or support legal action against researchers who act in good faith, avoid privacy violations and service disruption, and do not access or modify data beyond what is needed to demonstrate a vulnerability. We aim to acknowledge reports promptly and to keep you informed as we work toward a fix.

Section 09

Contact us

For any security question, reach us at hello@thought-pattern.com.

THOUGHT PATTERN AI

© MMXXVI Thought Pattern AI, LLC.
All rights reserved.

Products

Tapestry Conclave Engram

Company

About Contact

Resources

GitHub

Legal

Privacy Terms Security