Korpora · Security & data
How we handle your data
The short version: the agent-readiness audit looks at what is already public, from the outside. We never touch your systems, and we keep almost nothing. In plain English, below.
External-only measurement
We score your public API surfaces from the outside, the way an AI agent would. We never access your systems, your code, your infrastructure, or anything behind your login. There is nothing to install, no credentials to share, and no agent running in your environment.
What we collect
Two things: the domain you ask us to score, and your work email. We use them to run the audit and send your scorecard. That is the whole dataset.
What we don't do
We don't sell your data, we don't share it with third parties for marketing, and we don't need or want access to anything private. The audit reads what is already public.
For paid engagements
If you move to continuous measurement, we'll sign your DPA and scope exactly what data is involved with your team before anything starts. The measurement itself stays external by default.
Questions, or need security paperwork for a vendor review? Email hello@korpora.ai.