ABNSkapa konto →
Tillbaka

Transparency

What ABN sees, what it doesn't,
and what we will never do

ABN is built on a single trade — give up the ability to collect customer data, gain the ability to be honest about it. This page is that honesty, written down.

Our commitments

Five rules we will not bend

Local execution — we never see your data

The whole ABN node runs on your server, your VPC, your machine. There is no SaaS control plane. There is no "call home" channel. Your data stays on your side of the firewall, by construction.

Stateless architecture — we never store your data

Every engine reads from the DB, runs in memory, writes results back, and terminates. No long-lived process holds history. There is no central store of customer values to leak, breach or subpoena.

Honest about limitations — what ABN cannot do

Below this section we list — by name — the things ABN is not good at. We would rather lose a deal than oversell.

Human in the loop — actions always require approval

V1 agents are read-only or propose-only. A TIER 2 PROPOSE_CHANGE proposal lands in your dashboard with a named human owner; nothing changes in your systems until a person signs.

Explainable AI — every finding traceable to source

Result Attestation Layer ties every output to the exact source records used. You can ask the agent "what data did you use, and why?" and get a cryptographically signed answer — straight from your own transparency tables.

Inputs

What ABN reads — and what it never reads

ABN reads

  • Invoice numbers
  • Amounts and totals
  • Dates and timestamps
  • Process flow events
  • System status codes
  • Order and delivery IDs
  • GPS route data (aggregated)

ABN never reads

  • Names of individuals
  • Email addresses
  • Personal ID numbers
  • Phone numbers
  • Passwords or credentials
  • Financial account details
  • Medical records content

Enforcement is structural, not policy-based. PII Guardian + Data Minimizer drop non-whitelisted fields and pseudonymise PII with SHA-256 before any value reaches memory. The per-(connector, resource) whitelist is auditable in the repo.

Architecture

The decisions we made — and why

Why local execution (not cloud)

A SaaS data breach exposes every tenant in a single incident. An ABN node breach exposes one tenant — the one whose own infrastructure was compromised. The blast radius is bounded by physics, not by hope.

Why stateless (not persistent)

A process with no in-memory history offers nothing to exfiltrate. A crash recovers from the database without data loss because there is nothing to lose in memory.

Why zero-trust (not perimeter security)

Perimeter security assumes a trusted interior. ABN does not. Every blueprint is HMAC-signed, every action is policy-checked, every output passes Culture Rules — even when the caller is "trusted" code on the same node.

Why human approval is required

V1 limits agents to TIER 1 (auto-deliver, read-only) and TIER 2 (propose, human-approved). TIER 3 (EXECUTE_CHANGE) is deferred to V2 and gated on SOC 2 + a governance layer. You should not have to trust a robot to write to your systems — and you do not have to.

Limitations

What ABN cannot do (yet, or ever)

We would rather you know upfront than be disappointed later.

ABN needs ≥ 10 historical events to learn a process

Below 10 events the engine runs in NO_HISTORY mode — Pattern Library defaults and industry baselines kick in until your own data accumulates. Useful, but not yet calibrated to you.

Confidence is never 100 %

Every finding ships with a numeric confidence; sub-0.50 confidence triggers an automatic escalation and the run is tagged "needs review". We will not pretend a value is certain when the data says it is not.

No action without human approval (by design)

Even when an agent is sure, a TIER 2 PROPOSE_CHANGE waits for a named human signature. We consider this a feature, not a roadmap item.

Connectors are configured — not auto-discovered

ABN does not scan your network or guess what systems you run. You explicitly enable each connector via Nango. This is slower at onboarding and safer for the next ten years.

Responsible AI

Principles, enforced by architecture

No training on customer data

We do not train, fine-tune, or distil any model on customer data — there is no customer data to train on, because the LLM only ever sees abstract structures.

No model fine-tuning on customer processes

Pattern Library and DNA-phase baselines learn per-tenant — they do not propagate to other tenants and never to the underlying LLM weights.

Audit log for every agent action

Six customer-owned transparency tables record every read, every LLM call, every proposal, every permission change. You can SQL them whenever you want.

Customer can delete all data at any time

There is nothing on our side to delete; on your side, uninstalling the node removes the local SQLite/Postgres and the reports folder. No residue.

Read more

The legal centre has the receipts

Every claim on this page is backed by a document in the legal centre — DPIA, AI Act dossier, security checklist, DPA template. Browse, download, share with your reviewer.

Go to the legal centre →Security architecture