Security & Privacy

Trust-first design

Built for trust

Least privilege, explainable signals, and a hard stance against surveillance and ranking.

Review permissions model Ask a security question

Our Commitments

Security principles

Least privilege by default

We request only the minimum permissions needed to deliver value

Enabled Teams determine scope

You control exactly which teams and repos we can access

Explainable alerts

Every alert includes "why this fired" context

Retention controls

Coming soon: configurable data retention policies

Auditability

Coming soon: access logs and audit trails

Hard Lines

What Strome will never do

We have a hard line against surveillance patterns

Rank individuals or publish leaderboards
Track keystrokes, screenshots, idle time, or "activity"
Use output proxies (commit counts, PR counts) as performance signals

Transparency

Data handling

Strome uses metadata from Linear and GitHub to model flow and detect bottlenecks. It is designed to improve constraints and coordination, not to evaluate individuals.

Linear

Issue metadata, state changes, team/project mappings

GitHub

PR metadata, review events, timestamps

Slack

Post-only to selected channels

Least Privilege

Integration permissions

Linear

  • Read issue metadata
  • Read state changes
  • Scoped to enabled teams

GitHub

  • Read PR metadata
  • Read review events
  • Repo-scoped to pilot repos

Slack

  • Post to selected channels
  • No message reading
  • You choose the channels

FAQ

Security questions

Get started today

Have security questions?

We're happy to discuss your specific security and compliance requirements.

Ask a security question Start trial

No credit card required · Cancel anytime