Security
Security is foundational: your data, your keys, your control. AICoven is designed for BYOK (Bring‑Your‑Own‑Keys) and minimizes data retention by default.
BYOK
You connect providers with your own API keys. Usage is billed by providers directly to your account. Keys are never embedded in public clients.
Encryption
Sensitive secrets are encrypted at rest and decrypted only when needed to fulfill a request.
Access Controls
Role‑based access for workspaces (Covens). Least‑privilege defaults and scoped memory to prevent cross‑workspace leakage.
Audit & Logs
Action trails for key lifecycle and memory approvals. Provider requests are attributable to users and roles.
Data Retention
Memory is stored intentionally. Ephemeral context is discarded unless you approve it via the memory workflow. You can request export or deletion of your workspace data.