MAIC
Security

How MAIC protects project data.

Last updated: July 4, 2026

Why this matters

Teams put operational records into MAIC — shift reports, batch records, test results, protocols, and notes that carry real commercial and safety weight. This page describes how the platform handles that responsibility today, in plain language.

Encrypted transport

All traffic to MAIC is served over HTTPS. The site enforces HTTP Strict Transport Security (HSTS), so browsers never fall back to an insecure connection, and standard hardening headers protect against content-type sniffing and clickjacking.

Authentication and project scoping

Every workspace request is authenticated with signed session tokens that are verified server-side on each request. Project content is scoped to the project workspace it was uploaded into: questions are answered from that project's corpus, and cross-project search operates only within your organization's library.

Grounded AI answers

When your team asks a question, MAIC retrieves the most relevant excerpts from your uploaded documents and instructs the model to answer only from that retrieved context, citing the source files. If the uploaded records don't contain the answer, MAIC says so rather than guessing.

No training on your content

MAIC does not use customer project content to train MAIC-owned models. Retrieved excerpts and prompts are sent to configured AI model providers only to generate your answer, as described in the Privacy Policy.

Service providers

MAIC runs on established infrastructure providers for hosting, authentication, storage, and AI model processing, and shares data with them only as needed to operate the service. The Privacy Policy describes what is collected, how long it is retained, and the choices available to you.

Reporting a concern

If you believe you have found a security issue, contact the MAIC team through your workspace owner or support contact and we will respond promptly.