A candid inventory of what’s actually shipped — including the gaps we haven’t closed yet. We’d rather be specific than wave around “enterprise-grade” copy.
Last updated · June 2026
Every operator’s data is siloed at the schema layer (every tenant table carries an agency_id foreign key). On top of that schema isolation, §7.3 of the Trial Tier Terms makes the following commitments contractually binding:
Some operators run engagements for clients in regulated industries — finance, healthcare, defense — where the client contract prohibits anythird party, including Soundcheck staff, from inspecting the project’s content. For those cases, every project carries an operator-flippable Incognito Mode toggle. Best practice is to enable it at intake time, before any generation runs; the operator can also flip it later from the project Settings panel.
Each Market Research, GoGlobal, Scale, Customer Journey, Virtual Focus Group, and Persona Panel project can expose a Telegram bot deep-link so end-clients can ask questions about the deliverable conversationally. The bot is a thin wrapper on top of the same Anthropic call path the platform already uses; no separate data store, no third-party AI provider.
Operators can subscribe an engagement to a recurring monthly refresh. Once a month, a worker runs Tavily + Anthropic web search to surface what changed in the market, drafts a short markdown diff, renders it as a branded DOCX, and merges the delta into the project’s dashboard. The data path is the same single-tenant path the original engagement used — no operator’s data ever joins another operator’s refresh run.
Operators can’t retroactively re-tag completed work to dodge invoiced amounts. Billing is a property the platform actively protects:
Built for litigation-readiness — not because we expect litigation, but because the alternative is reconstructing acceptance trails from logs after the fact:
Completed engagements are distilled into a tag-normalized anonymized record (no agency, no brand, no client name, no verbatim text — only categorical signals like archetype tag, friction tag, concept-pattern tag, and score band). This pool feeds platform-internal benchmarks and prompt improvements. It is never exposed to another operator as a competitive advantage on their own engagements; that path is contractually prohibited by §7.3(c)(ii) of the Trial Terms and Founding Cohort Terms.
Three automated gates run on every push and pull request against main, plus on scheduled cadences. Results land in the GitHub Security tab where the founder reviews them during normal development.
The two written security policies referenced by the platform live in the repository alongside the application code, version-controlled per change, and are provided in writing to any customer that requests them as part of vendor due diligence:
If a client’s security team asks, here’s what we answer straight rather than dodge:
If you spot something — a vulnerability, an unintended behaviour, data appearing where it shouldn’t — write to info@soundcheckinsights.com with the subject line Security report. We prioritise these above everything else and will acknowledge within one business day. Full safe-harbor terms + scope live in our Vulnerability Disclosure Policy (paired with /.well-known/security.txt).
For legal questions about these terms, write to valter@soundcheckinsights.com.
Soundcheck Insights LLC · Florida, United States · © 2026