Winsen
SECURITY & TRUST

AI you can actually let into the building.

A chatbot that says something wrong is awkward. An AI employee that does something wrong is a problem. So we built Winsen so the wrong thing is hard to do, and easy to catch.

Read the docs
TL;DRWinsen is permission-aware (the AI sees only what the user can see), approval-first (consequential actions wait for a human), and fully audited (every action has a receipt). Built for SOC 2 and HIPAA from the ground up, with the certifications in motion. Your brain is customer-owned and exportable.

Permission. Approval. Audit.

The three questions every security team asks, answered by design.

01
Permission-aware

Can it even see that?

Walle and the AI employees inherit the exact permissions of the person they work for. If you can't see a doc, neither can your AI. No new access surface, no data leaking across teams.

  • Inherits your existing roles and scopes
  • Respects every source system's permissions
  • No "AI admin" backdoor to your data
02
Approval-first

Should it really do that?

Consequential actions wait for a human. Sending money, emailing a customer, deleting anything, those stop for approval, every time, until you say otherwise.

  • Money, outreach, deletion always gated
  • You choose what becomes autonomous
  • Every gate is configurable per role
03
Full audit

What exactly did it do?

Every action an AI employee takes is logged with its reasoning, the data it touched, and the result. Not a black box. A glass one.

  • Every action logged with its reasoning
  • Filter by employee, action, or outcome
  • Export for your compliance team

“What exactly did it do?” Click and find out.

Every fact carries its source and how sure the system is. Same for every action. This is the actual audit view, from a live workspace.

bridge.winsen.ai
The Brain
847 facts91% avg confidence
winsen.mrr = $134,212
Stripe live · 6h
observed
tejas.signoff = "– Tejas"
you set · from 412 sent mail
pinned
winsen.icp = Series A SaaS, 15–60 people
52 deals analyzed · 5d
inferred
acme.next_renewal = Jul 14 · $148K ARR
HubSpot + Gmail · 38m
observed
winsen.runway = 11.4 months
Mercury + Ramp · 2h
observed
Click any fact → source, history, who's using it.

Your data stays yours.

The brain is customer-owned and exportable. We don't train on it. We don't sell it. You can take it and leave whenever you want.

  • No training on your data, ever.
  • Export the full brain on demand.
  • Delete everything, for real.

Compliance, built in. Not bolted on.

We built Winsen for SOC 2, HIPAA, and GDPR from the ground up, so the controls are live in the product today. The formal certifications are admin in motion, and we'll tell you exactly where each one stands.

SOC 2 Type II
Controls in place, audit underway
HIPAA
Built to the standard, BAA on request
GDPR
Compliant
Encryption
At rest and in transit
Hosting
SOC 2 cloud, region options
Your brain
Customer-owned, exportable

We'd rather tell you exactly where we are than imply we're further along. Ask for the current report or a BAA.

No black-box runtime. We show our work.

The engine under Winsen is open and inspectable, not a proprietary mystery you have to trust.

AI runtime · open source

Platos

The runtime your AI employees think on is open source. Not a proprietary black box you take on faith. Read it, audit it, self-host it if you want to.

platos.dev
Tasks & workflows · durable

Trigger.dev

Every task and workflow runs on Trigger.dev: durable, observable, retryable. Long jobs survive restarts, and every run leaves a trace you can inspect.

trigger.dev
FAQ

The honest answers.

No dodging, no contact-sales-to-find-out.

Is my data used to train models?+
No. Never. Your brain is yours, used only to serve your team. We don't train on it, and we don't sell it.
What happens if the AI does something wrong?+
Approval-first means consequential actions are gated before they happen. And full audit means anything that did happen is logged and reversible where possible.
Are you SOC 2 and HIPAA certified?+
We built to both from the ground up, so the controls are live in the product today. SOC 2 Type II is mid-audit, and HIPAA is built to the standard with a BAA available on request. The engineering is done; the formal certifications are admin in motion, and we'll show you exactly where each one stands.
What runs Winsen under the hood?+
The agent runtime is Platos, which is open source, so the engine isn't a black box you take on faith. Tasks and workflows run on Trigger.dev: durable, observable, and retryable. You can inspect both.
Where is my data hosted?+
On SOC 2-compliant cloud infrastructure, encrypted at rest and in transit. Enterprise options for region and isolation are available.
Can I delete everything?+
Yes, for real. Export your brain, then delete it. Customer-owned means you're in control, including the exit.
Who can see what the AI sees?+
The AI inherits the permissions of the person it works for. There is no separate AI access tier and no backdoor.

The boring stuff, done right. So the exciting stuff is safe.

Want the deep version? Read the security docs or talk to our team.

See it in action
Don't take our word for it

Work is better with Winsen.

Ask your favorite AI for a summary on Winsen. It opens with the question ready, so you get an honest read in one click.

ChatGPTClaudePerplexityGeminiGrokCopilot

Powered by winsen.ai/llms.txt