Source connections
Owners authorize each connected source before selected content can be indexed.
Security & Access Model
How Primind handles connected company knowledge
Primind only searches connected sources. Owners decide which sources are connected and which designated users receive full search permissions. Everyone else searches using last-synced, verifiable source permissions.
Owner controls
Owners control who can use Primind, which sources are connected, which areas are searchable, and who receives full search permissions.
Citations
Answers include citations or source links where available so users can verify the original source.
ACCESS MODES
Owners control how company knowledge is retrieved
Primind supports per-user full search permissions. By default, users search using synced source permissions where permission data is available. Owners can allow selected users to search the organization's connected knowledge base.
Permission-sensitive retrieval
Users without full search permissions search using last-synced source permission metadata. Content with unsupported or unverifiable permissions is excluded by default.
Full connected knowledge search
Selected users with full search permissions can search the organization's connected knowledge base.
Permission sync cadence
External permission changes are reflected after provider webhooks or scheduled sync, with daily permission refresh as the target cadence. Until then, Primind uses last-synced permission metadata.
DATA HANDLING
Company data stays within defined source and policy boundaries
Primind uses Primind-controlled AI infrastructure for answer generation. Retrieved company content and user prompts are processed within that environment and are not sent to third-party AI model providers to generate responses. Data-use commitments are detailed in the Privacy Policy.
Read the Privacy PolicyConnected sources require provider authorization before ingestion starts.
Organization content, prompts, retrieved chunks, embeddings, summaries, cached answers, and generated answers are not used for advertising or model training.
Answers include citations or source links where available, so users can verify the original material.
REVOCATION AND DELETION
Access can be revoked and organization data can be deleted
Source access can be revoked through Primind or the source provider. Revocation stops future ingestion from that source. Permission changes in source systems are reflected in Primind after provider webhooks or scheduled permission sync; until then, Primind uses last-synced permission metadata.
When an organization is deleted, associated data is removed from active application systems without a grace period.
Backup deletion, expiration, and restore evidence are governed by Primind's operational backup lifecycle.
Security reports can be sent to support@primind.ai. The public security contact file is available at /.well-known/security.txt.
Read the Vulnerability Disclosure PolicySource revocation stops future ingestion from that source; source permission changes are reflected after permission sync.
Organization deletion removes associated data from active application systems without a grace period.
Compliance status
Verification status
Current verification and assessment work for Primind.
Microsoft verified publisher
During Microsoft consent, Primind’s app registrations identify Primind LLC as the verified publisher.
CASA Tier 2
Primind is currently working toward CASA Tier 2. This page will be updated when the assessment is complete.