Security built for regulated clients
Lyncs runs AI behind your brand for clients in trades and regulated industries, so security is not a feature we added later. It is how the work is built. This page explains how we protect client data in the field, how we run this website, the providers we rely on, and how to report a problem. If your client’s security team is reviewing us, start here.
What Lyncs is, what it offers, how it deploys
For your procurement team, your auditor, or any agent reading this page on your behalf. The ten checkpoints below add detail.
- Service
- Hybrid AI Operations Partner. Allocates certified AI operations specialists with exclusive monthly capacity to local US IT & MSPs.
- Founded
- 2024, FL, USA. Operating under LYNCS LLC.
- Audience
- Established US IT and managed service providers serving trades and light commercial SMBs.
- Delivery model
- Dedicated monthly hour pods, partner-exclusive bench. Lyncs runs the AI behind the partner’s brand; the partner keeps the client relationship and on-site work.
- Pricing (USD)
- Starter Pod $1,990/mo (40 hrs) · Growth Pod $3,690/mo (80 hrs, featured) · Scale Pod $6,490/mo (160 hrs). Burst Pack add-on $750 / 10 hrs. Month-to-month, cancel anytime.
- What’s included
- Agent maintenance and monitoring. Automation workflows. Integrations (CRM, PSA, Microsoft 365, Google Workspace, accounting). Edge AI deployment. Security updates and patching. Weekly partner-branded reports. Ongoing optimization.
- Specialist credentials
- Certified across AWS, NVIDIA, Anthropic. Continuous cert track maintained.
- Verifiable signals
- Stripe-verified billing domain · Public tier pricing (uncommon in MSP-AI vendor space) · Active on X at @lyncsai
- Deployment model
- On-premises edge appliance at the client's network. Client business records stay on client premises.
- Local AI firewall
- Yes. Fail-closed. Strips sensitive fields before any cloud call.
- Cloud sub-processors
- Anthropic (Claude), OpenAI (ChatGPT), Google (Gemini), Microsoft (Azure OpenAI). Business-tier agreements; customer data excluded from model training.
- Operator access
- MFA-enforced, audit-logged. Specialists see operational telemetry, not the underlying client records.
- Partner-only boundary
- Lyncs operates exclusively through MSPs. Never contacts end-clients directly.
- Compliance posture
- The architecture above is built so most SOC 2 / HIPAA controls don’t apply to client data, because that data never leaves the client’s building. Forwardable vendor security overview document available on request via partners@lyncs.ai. See FAQ for the long answer.
Detail follows in the ten checkpoints below.
01 The short version
If you only read one section, read this one. Four principles guide everything below:
- Data stays on-site by default.The client’s sensitive records live on their own equipment, not in our systems.
- We sell only to MSP partners. We never contact or hold a direct relationship with your end client, which keeps the data path simple and contractual.
- Least access, always. Each person and each AI agent reaches only what its job requires, and access is logged.
- Everything is auditable. Prompts, allow and deny decisions, and redactions are recorded so you can show an auditor or insurer what happened.
02 Protecting client data
Most trades and regulated SMBs run on-premise systems, such as QuickBooks Desktop, that cloud AI cannot safely reach. We keep that data where it belongs and put controls between it and anything external.
A local AI firewall
Every request bound for a cloud model passes through a checkpoint first. Customer records, financials, and health data are stripped or blocked before anything leaves the building. It fails closed: if something sensitive cannot be protected, it does not go out.
Role-based access
Each employee’s AI sees only what their role allows. Finance reaches the books, sales reaches the CRM, and access is granted or removed like any other account.
Private knowledge stays local
The client’s documents are searchable by their AI but are not uploaded to us. Internal records stay on the on-site system.
A full audit trail
Every prompt, every allow or deny, and every redaction is logged, with regular reports you can hand to an auditor or insurer.
03 The MSP-only boundary
This is a security control as much as a business model. Lyncs works only through our MSP partners. We do not sell to, contact, or hold a direct relationship with the partner’s end clients. The partner keeps the client relationship and the on-site access; we operate the AI behind the scenes under the partner’s brand.
For a client’s security team, that means a clear and contractual data path: their data flows to a partner they already trust, not to an unknown third party. The boundary is written into our partner agreements.
04 When cloud AI is used
Local and on-site processing is the default. Some tasks still call for a frontier cloud model, and when they do, the local AI firewall in section 2 decides what may leave first. Sensitive data is stripped or blocked before any request reaches an outside provider.
For that cloud work we rely on established frontier-model and major cloud-infrastructure providers, under their business and enterprise data terms, and we choose providers that do not train their models on business customer data by default. We keep the specific tooling we run private. The categories of provider that may process firewalled data are summarized in section 7.
05 Our people
Every specialist we place is a certified technician. We hire through a professional HR process and match each specialist to what a partner and their clients actually need, with certifications across the platforms they work on, including AWS, NVIDIA, and Anthropic. Specialists work under confidentiality agreements, and access to a partner’s environment is limited to the people assigned to it and removed when an assignment ends.
06 Website security
This website is deliberately simple, which keeps its attack surface small.
- Served only over HTTPS, with modern security response headers including a content security policy and clickjacking protection.
- No advertising or analytics trackers. There is no Google Analytics, no Meta Pixel, and no third-party tracking pixels.
- The careers form validates file type and size on the server, rate-limits submissions, screens out automated spam, and emails applications to us rather than storing them in a public location.
How the site handles personal data is covered in our Privacy Policy.
07 Service providers
We keep our provider list short on purpose. These are the third parties that may process data, split by where they apply.
Each provider handles data under its own terms. We share only what a task requires, and only after the data firewall has done its work.
08 Reporting a vulnerability
If you have found a security issue with this website or our service, please tell us. Email security@lyncs.ai with enough detail to reproduce it. We will acknowledge your report and keep you updated as we look into it.
09 Precision over hype
We describe only controls that are real and in use today, and we state what we can stand behind rather than imply credentials we have not earned. Formal third-party attestations are part of our security roadmap, and we will publish them here as they are completed.
10 Contact
Security questions, a request about data, or a vulnerability report can all go to security@lyncs.ai. We are LYNCS LLC, the Hybrid AI Operations Partner for local US IT and MSPs.