CALI TECHNOLOGIES
Security & trust
Home
Pricing
Security & trust

Designed for teams that cannot afford surprises.

Cali is built for investigators, compliance officers, and public-sector teams who handle sensitive matters. Our approach to security, data handling, and AI is driven by the assumption that your work may be reviewed by courts, auditors, and supervisors—not just internal stakeholders.

Security posture

Cali follows a “defense in depth” approach, focusing on how data is stored, processed, accessed, and monitored.

  • Encryption in transit for all customer connections.
  • Modern encryption standards for data stored at rest.
  • Role-based access controls for internal and external access.
  • Segregation of environments for development and production.
  • Principle of least privilege for systems and personnel.

As Cali matures, we expect to align our controls with common security frameworks and undergo independent assessments as appropriate.

Data handling & retention

The cases you work are sensitive. We treat investigation data accordingly.

  • We distinguish between public-chain data, OSINT sources, and any customer- provided materials.
  • Customers can request deletion or export of certain investigation-level artifacts, subject to legal and operational constraints.
  • Retention periods and backup strategies are designed to balance investigative needs with minimization of unnecessary data.

Formal data handling and retention documentation is available during enterprise evaluations.

AI safety & model governance

Cali uses AI to assist investigators, not to replace them. We design our AI features with clear boundaries and human oversight in mind.

  • AI is used to surface patterns, generate candidate narratives, and suggest explanations—not to make final risk decisions.
  • Analysts remain responsible for reviewing, editing, and approving any language used in official records or filings.
  • Where possible, we tie AI outputs to concrete views and evidence in the platform so they can be verified.

Our goal is to make it easier to produce clear, defensible work—never to hide how conclusions were reached.

Shared responsibility model

Security and trust are shared between Cali and each customer. We focus on the platform and infrastructure; you control how the system is used in your program.

  • We are responsible for the secure operation of the Cali platform.
  • You are responsible for user provisioning, access reviews, and ensuring that outputs are used within your policies and regulatory perimeter.
  • We work with customers to configure workflows that align with their control environment and audit expectations.
AI data handling

Cali can be configured to use customer-provided AI credentials, and AI outputs are generated from the same case context the analyst is viewing in the platform.

  • Customer-controlled AI provider configuration (where supported).
  • Principle of least privilege applies to AI integrations.
  • AI is used for explanation and drafting, not automated enforcement decisions.

During enterprise evaluations, we can align configuration to your security and procurement requirements.

AI FAQ

Common questions from security and compliance teams

Do you train models on customer data?
No. Cali can be configured to use your organization's AI provider and credentials. Model training and retention policies depend on the provider and your configuration.
Can we bring our own AI provider or keys?
Yes. Enterprise deployments can use customer-provided AI credentials and approved model providers (for example OpenAI, Azure OpenAI, Anthropic, or internal gateways where supported).
What gets sent to AI?
Only the case context needed to generate the requested narrative—for example the same metrics and fields you see in the UI. Your team controls when AI is invoked.
Do you store prompts or AI outputs?
Cali can be configured based on your requirements. During evaluation, we align logging, access controls, and retention to your policies.

Security posture and available options may vary by deployment and customer configuration.

Regulatory & supervisory context

Cali is not a law firm, regulator, or auditor. We build tools for teams who must operate in regulated environments and respond to supervisory expectations.

  • Outputs are designed to help you document what you saw, what you concluded, and why.
  • We expect customers to apply their own policies, procedures, and professional judgment on top of what Cali provides.
  • We are open to working with customers' legal, risk, and audit partners during evaluations and deployment.
Security & trust inquiries

Discuss security, data handling, and AI usage with Cali Technologies.

During enterprise evaluations, we can walk through our current controls, roadmap, and how Cali fits within your broader information-security and risk framework.