Legal
Security
Last updated: 2026-05-08
Local-first by default
JARVIS runs as a native macOS application. Conversation history, tasks, cached context, and credentials for connected services stay on the user's device by default. Cloud sync and cloud inference are opt-in, never the default.
AWS-backed cloud control plane
Optional cloud features are built on AWS in the Asia-Pacific (Singapore) region. We use Amazon Cognito for authentication, AWS KMS customer-managed keys (CMK) for envelope encryption, S3 with bucket-level encryption and TLS-only access for sync data, and DynamoDB with customer-managed encryption for user metadata. Cloud infrastructure is defined as code (AWS CDK) and reviewed against the AWS Well-Architected Framework.
Encryption at rest and in transit
All cloud-stored data is encrypted at rest using AWS KMS customer-managed keys with annual key rotation. All network traffic uses TLS 1.2 or higher. End-to-end envelope encryption is on the roadmap for synced user content: each user's data is encrypted with a per-user data key wrapped by KMS, so JARVIS AI cannot decrypt customer payloads server-side.
Heavy inference is opt-in
Routine workloads run on-device using local models. Only when the user opts in does JARVIS route a request to Amazon Bedrock for heavier inference. We do not retain prompts or completions beyond the request lifecycle, and Bedrock processing stays inside AWS regional boundaries.
Audit logging and monitoring
AWS CloudTrail captures all control-plane actions across our AWS accounts. CloudWatch alarms notify the team on anomalous billing, error rate, and access patterns. Production change history is retained for at least 90 days.
Service providers
Website form submissions are delivered through Resend, a transactional email provider. Payments are processed by Stripe; JARVIS AI never stores raw card numbers. Each provider is bound by its own published security and data processing commitments.
Access controls
Production AWS access is restricted to a least-privilege IAM model with multi-factor authentication required for any human session. Daily operational identities cannot delete encryption keys or production data; deletion paths require a separate, audited role.
Reporting a security concern
If you believe you have found a security issue with the website or the product, please email contact@jarvis-automation.com with [Security] in the subject line. We aim to acknowledge reports within 48 hours and keep reporters informed until the issue is resolved.