Security & Trust

Security built for regulated clients

Last updated: May 26, 2026Covers: our service and the lyncs.ai website

Lyncs runs AI behind your brand for clients in trades and regulated industries, so security is not a feature we added later. It is how the work is built. This page explains how we protect client data in the field, how we run this website, the providers we rely on, and how to report a problem. If your client’s security team is reviewing us, start here.

01 The short version

If you only read one section, read this one. Four principles guide everything below:

Data stays on-site by default.The client’s sensitive records live on their own equipment, not in our systems.
We sell only to MSP partners. We never contact or hold a direct relationship with your end client, which keeps the data path simple and contractual.
Least access, always. Each person and each AI agent reaches only what its job requires, and access is logged.
Everything is auditable. Prompts, allow and deny decisions, and redactions are recorded so you can show an auditor or insurer what happened.

02 Protecting client data

Most trades and regulated SMBs run on-premise systems, such as QuickBooks Desktop, that cloud AI cannot safely reach. We keep that data where it belongs and put controls between it and anything external.

A local AI firewall

Every request bound for a cloud model passes through a checkpoint first. Customer records, financials, and health data are stripped or blocked before anything leaves the building. It fails closed: if something sensitive cannot be protected, it does not go out.

Role-based access

Each employee’s AI sees only what their role allows. Finance reaches the books, sales reaches the CRM, and access is granted or removed like any other account.

Private knowledge stays local

The client’s documents are searchable by their AI but are not uploaded to us. Internal records stay on the on-site system.

A full audit trail

Every prompt, every allow or deny, and every redaction is logged, with regular reports you can hand to an auditor or insurer.

03 The MSP-only boundary

This is a security control as much as a business model. Lyncs works only through our MSP partners. We do not sell to, contact, or hold a direct relationship with the partner’s end clients. The partner keeps the client relationship and the on-site access; we operate the AI behind the scenes under the partner’s brand.

For a client’s security team, that means a clear and contractual data path: their data flows to a partner they already trust, not to an unknown third party. The boundary is written into our partner agreements.

04 When cloud AI is used

Local and on-site processing is the default. Some tasks still call for a frontier cloud model, and when they do, the local AI firewall in section 2 decides what may leave first. Sensitive data is stripped or blocked before any request reaches an outside provider.

For that cloud work we rely on established frontier-model and major cloud-infrastructure providers, under their business and enterprise data terms, and we choose providers that do not train their models on business customer data by default. We keep the specific tooling we run private. The categories of provider that may process firewalled data are summarized in section 7.

05 Our people

Every specialist we place is a certified technician. We hire through a professional HR process and match each specialist to what a partner and their clients actually need, with certifications across the platforms they work on, including AWS, NVIDIA, and Anthropic. Specialists work under confidentiality agreements, and access to a partner’s environment is limited to the people assigned to it and removed when an assignment ends.

06 Website security

This website is deliberately simple, which keeps its attack surface small.

Served only over HTTPS, with modern security response headers including a content security policy and clickjacking protection.
No advertising or analytics trackers. There is no Google Analytics, no Meta Pixel, and no third-party tracking pixels.
The careers form validates file type and size on the server, rate-limits submissions, screens out automated spam, and emails applications to us rather than storing them in a public location.

How the site handles personal data is covered in our Privacy Policy.

07 Service providers

We keep our provider list short on purpose. These are the third parties that may process data, split by where they apply.

Website

Provider

What it does

Data involved

Hostinger

Website hosting and content delivery network.

Server logs, IP

Calendly

Scheduling the demo calls you book on the site.

Name, email, IP

Resend

Delivers job applications from the careers form to our inbox.

Application, CV

Service (only when a task needs cloud AI)

Provider

What it does

Data involved

Frontier AI & cloud

Established model and cloud-infrastructure providers, used only for firewalled requests that cannot be handled on-site, under business data terms.

Firewalled requests

Each provider handles data under its own terms. We share only what a task requires, and only after the data firewall has done its work.

08 Reporting a vulnerability

If you have found a security issue with this website or our service, please tell us. Email security@lyncs.ai with enough detail to reproduce it. We will acknowledge your report and keep you updated as we look into it.

For researchers: our /.well-known/security.txt file lists the same contact in the standard format. Please give us a reasonable chance to fix an issue before disclosing it publicly. We will not pursue action against good-faith research that respects user privacy and avoids service disruption.

09 Precision over hype

We describe only controls that are real and in use today, and we state what we can stand behind rather than imply credentials we have not earned. Formal third-party attestations are part of our security roadmap, and we will publish them here as they are completed.

10 Contact

Security questions, a request about data, or a vulnerability report can all go to security@lyncs.ai. We are LYNCS LLC, the Hybrid AI Operations Partner for local US IT and MSPs.