Sugarbug Security: Your Data Stays Yours on the Way Out
Sugarbug security explained: user-space scraping, medical-grade commitments, no lock-in, and no model training on your data. Built for enterprise and healthcare.
By Ellis Keane · 2026-04-17
There's a running joke in our industry that the best way to get free AI is to become the training data. Every generation of platform has worked out how to monetise your work a little faster (and a little sneakier) than the last one, and somewhere along the way we all agreed to call that "the future." (I'm told this is also called progress.) Sugarbug is built on the opposite principle, and this post is the plain-English tour of Sugarbug security: what we promise, what is in the code right now, what lands at production launch, and why we hold ourselves to a harder standard than anything a regulator would ask for.
We sit in the middle of your company's most sensitive workflows. Slack threads your team assumed nobody would ever re-read. PR debates where someone lost an argument in 2023 and still hasn't forgiven the reviewer. Figma comments and design reviews, Linear tickets, calendar invites, meeting transcripts, the lot. The only honest bar for holding that kind of data is a medical-grade standard: as strict with ourselves as a hospital is with patient records, and harder on our own engineering than any regulation requires. Anything softer is a bet that nobody ever checks, and betting against being checked is a terrible long-term plan.
What Sugarbug can see (and what it cannot)
Sugarbug operates in user-space. It scrapes with your permissions, reads from your accounts, and sees exactly what you see – nothing more, nothing less. That one architectural property (which sounds boring the first time you hear it, and dangerously load-bearing the second time) has genuinely profound consequences for how your data is treated.
Administrators cannot read your private messages. In most workplace products, when you leave a company your old account becomes the employer's archive. They can reopen your inbox, scroll through Slack DMs you thought were private, and read emails you sent years ago. Sugarbug closes that door before it opens. An org administrator can only ever see what the org itself can already see – the public channels, the shared docs, the group calendars. Your private connectors are yours alone, full stop.
Joining an org is instant. New members get a single, pre-processed aggregate source that stitches together everything a member would normally see – public Slack channels, group meeting notes, shared Notion docs, Linear tickets, Figma changes, public PRs – de-duplicated and already indexed by the org's compounded graph. You drop in and immediately have the team's common context, without paying the cost to re-ingest what your colleagues have already processed.
Leaving an org is clean. When you disconnect, you lose access to the org's aggregate source and its signals, and nothing more. Your private connectors remain yours. Your history, your notes, and your personal graph all travel with you to the next place.
User-space scraping is the load-bearing decision. It is what makes private messages private, what keeps the portable graph portable, and what turns "your data is yours" from a marketing line into a property of the system.
The journal model
Think of how someone might keep a private notebook across a career. Year over year it fills with the people they meet, what they are thinking, how a moment hit them, what they learned from a rough week. That journal belongs to the person who wrote it. It is also the thing that makes them a sharper, more considered, more valuable colleague.
Sugarbug is that journal scaled out into a full working knowledge graph: your private context (DMs, notes, one-on-ones) and the org's shared context (Slack threads in public channels, Linear tickets, shared docs) stitched into one personal system without blurring the lines between them. Private to the individual, helpful to the team when the individual chooses to share, portable when the person moves on.
Because private and public are indexed together, instead of sitting in separate tools, working in public becomes the most efficient way to operate (a larger claim than it sounds, for anyone who has spent a week on status updates). You do the work, the shared context updates itself, and the private journal model stays private.
Sugarbug is that journal scaled into a full working knowledge graph, without blurring the line between what is yours and what is shared.
What ships today
These are not roadmap items. These are the pieces of Sugarbug security that are already in the code, running in CI, and sitting behind every commit that goes out.
- Passwordless sign-in. Authentication is OAuth-only across five identity providers. There are no passwords to phish, leak, or reuse.
- Encrypted everywhere. Sensitive payloads at rest use authenticated AES-256-GCM; connections use TLS 1.3 with HSTS preload on every public endpoint.
- Tenant isolation at every layer. Every query and every vector search is scoped to the caller, and cross-tenant leakage is probed by automated tests on every CI run.
- Administrative actions are visible. Tamper-evident audit logs cover impersonation, account changes, and data purges. If a Sugarbug engineer ever needs to step into your account for a support request, the log shows exactly who, when, and why.
- Security is part of the build pipeline. Custom automations scan every commit for leaked secrets, vulnerable dependencies, and code quality regressions. A change that fails those checks never ships.
- Safe deploys. Health-checked blue-green rollouts revert themselves automatically if anything goes wrong, before your users notice.
- Authenticated channels everywhere. The desktop client, the local agent that runs alongside it, and our servers communicate over authenticated, encrypted channels. No clear-text traffic, ever.
What launch adds
The "what ships today" list is the foundation. Production launch is where we add the controls that large buyers call "table stakes" after asking for them across a 14-tab spreadsheet, and that we, personally, want in place before anything truly sensitive goes behind the API. Read everything below as a firm launch commitment to every user, not a wish list and not something gated behind an enterprise deal.
- Customer-managed encryption keys. Your key management system holds the keys. Sugarbug operators cannot decrypt your data, even with full server access – the closest a workflow-intelligence product can honestly get to zero-knowledge.
- Bring your own LLM. Route enrichment through your preferred provider – OpenAI, Anthropic, Google, or a self-hosted open-source model. Your choice, your bill, your data-processing relationship. For teams that need it, enrichment can run entirely on a self-hosted model, end to end.
- PII stripped before every LLM call. Whatever model you route to – ours, yours, cloud, hybrid, fully local – every enrichment payload has names, emails, phone numbers, addresses, keys, and identifiers replaced with reversible tokens before it reaches the model. The LLM sees the shape of your data, never the people inside it. Sugarbug resolves the tokens back on receipt so the output lands with the right context attached.
- Keychain-backed credential storage on the desktop client. Your integration tokens live where only your operating system can reach them.
- Signed and notarised application binaries with signature-verified auto-updates. You can verify that the Sugarbug you are running is the Sugarbug we shipped.
- Compliance-grade structured logging with defined retention windows for every event class.
- Multi-region redundancy with automatic point-in-time recovery.
Where we're going
Production launch is not the end state. Our horizon beyond it is a Sugarbug that any user – not only enterprises with dedicated infrastructure – can run entirely on their own machine. Your model, your storage, your graph, syncing nothing it does not have to. Workflow intelligence under your own roof, with nothing on our servers unless you choose to put it there (you can go back and forth at your leisure). The architecture is being built with that destination in view, and every decision we make between now and launch is checked against it.
(If that sounds ambitious, good. An industry that has quietly shipped your data to training sets for a decade deserves an ambitious commercial-grade counter-proposal.)
Retention is yours to control
Sugarbug mirrors your source system's retention policy. If your Slack keeps messages for 90 days, Sugarbug's copy disappears on the same schedule – across every surface, including tasks, person summaries, meeting prep, and vector search. You set the window once; we honour it everywhere.
When you delete your account, we delete everything, vector embeddings included.
No locks on the door
We do not want to lock you in. We want you to stay because Sugarbug is genuinely the best experience and makes you and your team sharper than any alternative – not because leaving is hard. That is why you can pull your data out at any moment, with no conversations with sales and no retention team standing between you and the export button. Every task, every person, every meeting ships in a portable format, ready to drop into whatever comes next.
Try other options. Challenge us. That pressure is part of how we get better, and making your working life easier is the whole point.
Overbuilt for enterprise
Large, regulated organisations have procurement reviews that run months and checklists that run hundreds of questions. (If you have ever answered a SIG Lite at 11pm the night before a deal closes, I owe you a drink.) The Sugarbug security story is designed to clear them on the first pass. If you have ever tried to get through one of these at midnight, half-caffeinated, quietly bargaining with the universe for a smaller spreadsheet, you already know this section by heart – the product is built so you do not have to hand-wave through any of it.
Identity and access. SAML 2.0 SSO with Okta, Azure AD, Ping, Google Workspace, and JumpCloud. SCIM 2.0 provisioning and deprovisioning for automatic offboarding the moment your HRIS marks an employee terminated. Org-enforced MFA policy, configurable session timeouts, and IP allow-listing at the organisation level.
Data boundaries you can verify.
- Your data does not train models. Not ours, not our providers', not anyone's. This is an architectural commitment, not a line in a contract – we secure Zero Data Retention with every LLM provider we route signals through, and customers who need a stronger guarantee can opt into local-first enrichment where no raw data leaves their perimeter.
- Regional data residency in the US, EU, and UK. Your data physically stays in the region you choose. No cross-border copies, no "it mostly stays there".
- Published subprocessor list with advance notifications when it changes and a window for you to object before the change takes effect.
- Pre-signed DPA with Standard Contractual Clauses for cross-border transfers, and a Transfer Impact Assessment ready for your legal team.
Network and operations.
- Private networking via AWS PrivateLink, Azure Private Endpoints, and GCP Private Service Connect. For customers who require it, traffic between your network and Sugarbug never touches the public internet.
- Audit log streaming into Splunk, Datadog, Microsoft Sentinel, or Chronicle. Your SOC sees the same events we do.
- Legal hold and eDiscovery support for data under litigation, including retention suspension and scoped export.
- Dedicated single-tenant infrastructure available for the highest-sensitivity deployments.
- Contractual breach notification within 24 hours – well inside GDPR's 72-hour floor.
- Published RTO and RPO targets backed by a documented disaster recovery plan and cross-region backups.
- Background-checked staff with production access, annual security training, and quarterly access reviews.
Verification on your terms.
- Annual third-party penetration test by a recognised firm. Executive summary is public; full report is available under NDA.
- Public bug bounty programme.
- Trust centre at one URL: SOC 2 report, ISO/IEC 27001 certificate, penetration test summary, subprocessor list, DPA template, security status page, and the latest audit bridge letter.
- Pre-filled SIG Lite, CAIQ, and VSA-Full responses ready for your procurement team.
Overbuilt for healthcare
Hospitals and health systems carry a different kind of risk than the average enterprise. In ordinary SaaS, a breach is an incident; in clinical settings, a breach can end up somewhere between a care-delivery problem and a federal investigation, and the gap between those two outcomes is not something we want to sit inside of. Sugarbug is built with that difference in mind. The commitments below are not gated behind the largest tier of our pricing, because "BAA only on enterprise" has always been a quietly cynical move in this industry.
- Business Associate Agreement available on every paid tier, signed before any Protected Health Information flows through your account. No enterprise-tier-only gating.
- Minimum-necessary access controls, with PHI-aware audit logging retained for six years to meet HIPAA and HITECH requirements.
- HITECH-aligned breach notification with a defined timeline and documented workflow.
- Dedicated single-tenant infrastructure available for deployments where shared multi-tenant hosting does not meet your internal standards.
Compliance trajectory
Audits are not fun. Neither is discovering that the "secure by default" vendor you bought last year meant "secure in the sales deck." At production launch, Sugarbug targets:
- SOC 2 Type II – security, availability, and confidentiality.
- ISO/IEC 27001 – international information security management.
- HIPAA for customers with Business Associate Agreements.
- GDPR – data portability, right-to-erasure, and lawful basis throughout.
The architecture decisions we have already made trace directly to the controls these frameworks require: tenant isolation at every layer, end-to-end audit logging, envelope-ready encryption, verifiable deletion semantics, and a user-space scraping model that keeps administrators out of private data by design. Sugarbug security is not a chapter we tack on at the end; it is the shape of the product. The shortest honest path to passing an audit is to build the product the way the auditor wishes everyone would, and we are trying to do that on the first pass.
If you want a workflow intelligence layer that treats your data like patient records rather than training fodder, that is what we are building. Try Sugarbug at sugarbug.ai.
Frequently Asked Questions
The questions that come up most often about Sugarbug security, in plain answers.
Does Sugarbug train AI models on my data?
No, and it never will. That is architectural, not contractual. At production launch, Zero Data Retention is in place with every LLM provider we route through, and customers who want something stricter can opt into local-first enrichment.
Can my employer read my private Slack DMs through Sugarbug?
No. Sugarbug scrapes with your permissions only. An org administrator sees nothing the organisation could not already see without Sugarbug – public channels, shared docs, group calendars. Your private connectors are yours alone.
What happens to my Sugarbug data when I leave my company?
You keep your private graph and walk out with it. Leaving an org removes your access to that org's aggregate source and its signals, and the history of them is deleted as your access to the connected tools is removed. Your personal history and notes travel with you.
How does Sugarbug keep personal data out of AI prompts?
At production launch, PII is stripped from every enrichment payload before the model ever sees it – whether that is our model, yours, a cloud provider, or a fully local one. The LLM sees the shape of your problem, never the people or data inside it.
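The substitution described in this answer and in the launch list (PII replaced with reversible tokens before the model call, resolved back on receipt) can be sketched as follows. This is an added example, not Sugarbug's code: the `TokenVault` class, the token format, the regexes and the caller-supplied `known_names` roster are all assumptions, and the sample text is constructed.

```python
import re

# Patterns are deliberately narrow and constructed for this example; addresses
# and keys need far broader detection than is shown here.
EMAIL = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
PHONE = re.compile(r"\+?\d[\d\s().-]{7,}\d")
TOKEN = re.compile(r"<(?:EMAIL|PHONE|PERSON)_\d+>")

# Constructed sample input.
SAMPLE = ("Maria Chen (maria.chen@example.com, +44 20 7946 0958) asked "
          "Tom Okafor to review the PR. Reply to maria.chen@example.com.")


class TokenVault:
    """Per-request map between PII values and tokens; it never leaves the caller."""

    def __init__(self, known_names=()):
        # known_names is an assumption: a roster of people the caller knows about.
        self.known_names = sorted(known_names, key=len, reverse=True)
        self.by_value, self.by_token = {}, {}

    def _token_for(self, kind, value):
        key = (kind, value.lower())  # same value -> same token, so structure survives
        if key not in self.by_value:
            n = sum(1 for k, _ in self.by_value if k == kind) + 1
            self.by_value[key] = f"<{kind}_{n}>"
            self.by_token[self.by_value[key]] = value
        return self.by_value[key]

    def tokenize(self, text):
        # Emails first, so a name inside an address is never half-replaced.
        text = EMAIL.sub(lambda m: self._token_for("EMAIL", m.group()), text)
        text = PHONE.sub(lambda m: self._token_for("PHONE", m.group()), text)
        for name in self.known_names:
            pat = re.compile(rf"\b{re.escape(name)}\b", re.IGNORECASE)
            text = pat.sub(lambda m: self._token_for("PERSON", m.group()), text)
        return text

    def detokenize(self, text):
        # Tokens the vault never issued (e.g. invented by the model) are left as-is.
        return TOKEN.sub(lambda m: self.by_token.get(m.group(), m.group()), text)

    def leaks(self, text):
        """Pre-send gate: original values still present in outbound text."""
        return [v for v in self.by_token.values() if v.lower() in text.lower()]
```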
Is Sugarbug SOC 2 and HIPAA compliant?
At production launch, Sugarbug targets SOC 2, ISO/IEC 27001, HIPAA (with BAAs), and GDPR. BAAs are available on every paid tier, not locked behind enterprise pricing.