Security Overview

Last updated: April 2026

This page provides a plain-language overview of how The Liggett Group protects your data on the TLG Claims Validation Platform. This is not a formal security certification document — it is intended to help you understand our security practices and make informed decisions about using the Platform.

1. Encryption

In transit. All communication between your browser and the Platform is encrypted via HTTPS (TLS). We use a reverse proxy with automatic certificate management to ensure encryption is always active.

Internal services. Communication between our internal services uses Tailscale, which provides WireGuard-based encrypted tunnels. This includes communication between the orchestrator, evidence retrieval services, and GPU processing infrastructure. All internal traffic is encrypted and authenticated — services are not exposed to the public internet.

2. Tenant Isolation

The Platform uses PostgreSQL Row-Level Security (RLS) to enforce tenant isolation at the database level. This means:

• Every database query is automatically scoped to your organization. One tenant cannot access another tenant's data, even in the event of an application-level bug.
• Organization boundaries are enforced by the database engine itself, not just by application logic.
• Administrative operations use a separate, restricted connection path with explicit security context.

3. Authentication

The Platform supports multiple authentication methods, all designed to be secure by default:

• Email verification codes. One-time codes sent to your email address. Codes expire after a short validity period and are rate-limited to prevent brute force.
• Single sign-on (SSO). Google and Microsoft SSO via OAuth 2.0 / OpenID Connect. Your password is never shared with us — authentication is handled entirely by the identity provider.
• Passkeys (WebAuthn). Hardware-backed or platform-backed cryptographic credentials. Passkeys are phishing-resistant and do not involve shared secrets.
• Session management. Sessions use HttpOnly cookies that are not accessible to client-side JavaScript. Sessions have a 7-day time-to-live and can be explicitly terminated.

4. Document Handling

We take the security of your uploaded documents seriously:

• Processing. Uploaded PDFs are processed to extract text, identify claims, and retrieve evidence. Processing occurs on our controlled infrastructure.
• Retention. Run data — including the uploaded document and intermediate processing artifacts — expires 24 hours after the run is created (configurable). After expiry, document content is no longer accessible through the Platform.
• Scorecards. The resulting scorecard data (extracted claims, evidence scores, findings) is retained for your ongoing access. Scorecards do not contain the full original document — they contain extracted claims and evidence references.
• No permanent document storage. We do not maintain a long-term archive of your uploaded documents beyond the retention period.

5. AI Processing Infrastructure

The Platform uses AI models to extract claims, select evidence, and score evidence quality. Here is how we handle AI processing securely:

• Dedicated hardware. AI models run on dedicated rented GPU hardware (via vast.ai), not on shared third-party AI API services. Your document content is not sent to OpenAI, Google, Anthropic, or any other third-party AI provider.
• Encrypted connections. GPU instances connect to our infrastructure via encrypted Tailscale tunnels. Each instance receives a single-use authentication key.
• Ephemeral instances. GPU instances are created on demand and destroyed when idle. They do not retain data between sessions.
• Prompt injection defense. The Platform includes multi-layer protection against prompt injection attacks in uploaded documents, including automated scanning, per-call boundary isolation, and model-level instructions.

6. Access Controls

• Role-based access. The Platform implements role-based access control (RBAC) with defined permissions for different user roles within an organization.
• Domain-level policies. Organization administrators can configure domain-level authentication policies, controlling how users within their domain authenticate and what access they receive.
• Audit logging. Administrative actions are logged in an audit trail, providing accountability for account management, role changes, and security-relevant operations.
• Credit-based gating. Access to analysis runs is gated by a credit system, providing an additional layer of control over resource consumption.

7. Data and AI Training

Your documents are not used to train AI models. We do not use uploaded document content, scorecard results, or any user data to train, fine-tune, or improve AI models.

Failed AI call logs. When an AI call fails during processing, we log diagnostic data that includes extracted claim text and evidence snippets. These logs are used exclusively for product quality improvement — identifying failure patterns, improving reliability, and debugging issues. These logs do not contain personal information (names, emails, account details). They contain only the claim and evidence data that was part of the failed operation.

8. Monitoring and Incident Response

• Service monitoring. All Platform services produce structured logs with timestamps. We monitor service health, error rates, and performance metrics.
• AI failure tracking. Failed AI calls are tracked per-instance with automatic quarantine and replacement of underperforming GPU infrastructure.
• Database backups. Automated daily backups ensure data durability and support disaster recovery.
• Incident response. We investigate and respond to security incidents promptly. If we determine that a security incident has affected your data, we will notify you.

9. Security Questions

If you have security questions, need additional information for a vendor assessment, or want to report a security concern, please contact us at:

The Liggett Group
Email: info@theliggettgroup.com
Website: www.theliggettgroup.com

We are happy to discuss our security practices in more detail and answer specific questions relevant to your organization's security review process.