OpSpot installs AI employees that handle real work for small businesses — answering, following up, prepping calls, sending receipts. That means our AI employees touch your business data, so we hold ourselves to security practices a buyer can actually review. This page lays out how we run, in plain English. If you need a security questionnaire completed or a DPA signed, email hello@opspot.ai and we'll turn it around.
Security posture
We are a small, focused company that runs a deliberately simple, defensible stack. Fewer moving parts means fewer places to go wrong. Our core principles:
Hard isolation per client — each client's AI employee runs on its own dedicated virtual machine. No shared multi-tenant database, no co-mingled data.
No plaintext secrets — credentials live in a dedicated secrets manager (1Password), never in code or repositories.
Human-in-the-loop on high-risk actions — anything that moves money, sends external messages at scale, mutates credentials, or touches a client VM requires explicit human approval before it runs.
Every action leaves a receipt — agent actions write to an append-only audit trail, so there's a verifiable record of what was done and when.
Per-client isolation
This is the foundation of how we protect your data. Each client's AI employee runs on its own dedicated, isolated virtual machine (provisioned on Orgo.ai). Your AI employee, its memory, and its access to your tools live entirely within your own VM.
No shared tenant data. There is no shared multi-tenant database where one client's records sit next to another's.
No cross-client mixing. One client's AI employee cannot see, query, or reach another client's data. The isolation is at the infrastructure boundary, not just an application-level filter.
Blast radius is contained. Because each deployment is its own machine, an issue affecting one client's environment does not spill into another's.
Data handling & encryption
We minimize what we hold and protect what we do.
In transit: data moving between you, our systems, and the tools we connect to is encrypted using industry-standard TLS (HTTPS).
At rest: client VMs and our hosted infrastructure (Vercel for the website, Google Workspace for email/docs) use the underlying providers' encryption-at-rest. [Colton to confirm per-provider specifics for a given questionnaire.]
Secrets: API keys, tokens, and passwords are stored in 1Password. Our code and repositories contain only references to secrets, never the secret values themselves.
Source & docs: source code lives in private Git/GitHub repositories; internal documentation lives in a private Obsidian vault on company-controlled hardware.
Data retention & ownership
You own your data. The business data your AI employee works with belongs to you. You can request an export or deletion of your data at any time by emailing hello@opspot.ai.
How we collect and use website analytics is covered in our Privacy Policy. Our internal practices for retaining the records that prove work was done (receipts and logs) are governed by an internal data-retention guarantee; we're glad to walk a prospective customer through it on request.
AI governance
Our AI employees are powerful, so we put real guardrails around them.
We do not train shared models on your data without explicit opt-in. Your client data is not used to train models that benefit other customers unless you have explicitly opted in. Isolation is the default; sharing is a deliberate, consented choice.
Human-in-the-loop gates on high-risk actions. A defined set of high-impact actions — moving money, large-scale external outreach, credential changes, and changes to a client VM — cannot run autonomously. They require human approval each time.
Receipts and an audit trail for every agent action. Agent actions write to an append-only log. If you need to know what your AI employee did, there is a record to point to.
Dry-run by default for new automations. New customer-facing automations run in a test ("dry-run") mode and are only switched live per customer after they've been validated.
Access control
Multi-factor authentication (MFA) is enabled on accounts that support it.
Least privilege — agents and people get only the access they need for their role, and no more.
Centralized secrets — access to credentials is managed through 1Password rather than scattered across files, machines, or messages.
Solo-founder operation today. OpSpot is currently run by founder Colton Harris with an AI-agent workforce; access to client environments is tightly held. [Colton to confirm specifics for any given review.]
Sub-processors
We use a small set of established vendors to deliver the service. The current list:
This register is the current list of sub-processors. We'll provide written notice of material changes on request as part of a DPA. For the analytics vendors specifically, see the Privacy Policy.
Reliability & status
Because each client runs on an independent VM, a problem with one deployment does not take down others. A public status page is on the way at status.opspot.ai (coming). In the meantime, for any service question or to report a problem, email hello@opspot.ai or call (910) 515-8927.
Compliance
We believe in being straight about where we are. OpSpot is not yet SOC 2 certified. What we can do today:
Complete your security questionnaire.
Review and sign a Data Processing Agreement (DPA).
Share our SOC 2 roadmap on request.
We will never claim a certification, audit, insurance policy, or penetration test we don't have. When we earn certifications, we'll publish them here.
Responsible disclosure
If you discover a security vulnerability in OpSpot, we want to hear about it. Please email hello@opspot.ai with details and steps to reproduce, and give us a reasonable window to respond before any public disclosure. Our machine-readable security contact is published at /.well-known/security.txt. We do not take legal action against good-faith security research.
Contact
OpSpot — Wilmington, North Carolina — hello@opspot.ai · (910) 515-8927. For security reviews, DPAs, or questionnaires, email us and we'll get you what you need.