> ## Documentation Index
> Fetch the complete documentation index at: https://docs.theubik.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Security and data

> Rules for handling sensitive trade, customer, supplier, pricing, and margin context in reviewed AI workflows.

Ubik is designed for reviewed trade operations. Treat sensitive context with the same care you would apply inside ERP, finance, customer communication, and supplier negotiation systems.

## Data handling principles

<CardGroup cols={2}>
  <Card title="Systems of record stay authoritative" icon="database">
    ERP, CRM, accounting, and document systems remain the source of truth.
  </Card>

  <Card title="Ubik is reviewed action" icon="shield-check">
    Sensitive replies, writebacks, and owner handoffs require review before they move.
  </Card>

  <Card title="Access stays narrow" icon="lock-keyhole">
    Users and integrations should only see the context needed for approved workflows.
  </Card>

  <Card title="The trail must explain the decision" icon="history">
    Activity history should show what changed, who reviewed it, and where the work moved.
  </Card>
</CardGroup>

## How AI uses business context

Ubik uses AI to plan, reason, summarize, compare, and draft actions. It should not be treated as an unattended employee. Operators still review sensitive work before it moves.

Ubik minimizes what is sent to external models. Sensitive context such as RFQs, supplier pricing, margins, customer names, and credentials stays in Ubik’s context layer, local workspace, or private deployment depending on setup.

Customer data is not used to train third-party models.

## What reviewers should check

| Risk             | Review behavior                                                                                          |
| ---------------- | -------------------------------------------------------------------------------------------------------- |
| Pricing exposure | Remove internal margin, supplier notes, recovery strategy, or finance commentary from buyer-facing text. |
| Wrong account    | Confirm source context, CRM account, and buyer identity before approval.                                 |
| Stale data       | Reject or assign if inventory, ETA, pricing, or owner context is not current.                            |
| Overbroad access | Ask an admin to reduce scope or remove users who no longer need access.                                  |

## Reporting a security concern

Send the affected workspace, timestamp, user, action, and source context to your admin or founder contact. Do not forward sensitive screenshots outside approved channels.
