Trust
Built for sensitive employee data.
Lontra does not make HR decisions. It structures signals for qualified human review.
Data hosting
Hosted in encrypted, regionally configurable infrastructure. Residency is a choice you make, not a default we impose.
AI processing
Lontra uses LLMs as a tool, not as a decision-maker. Sensitive analysis is constrained, logged, and reviewed.
Employee control
Employees keep control over what they submit. They can decline to answer, ask for a sensitive flag, or speak to a human.
Sensitive data filtering
Discriminatory data — origin, religion, health, union membership and equivalents — is never stored.
Audio handling
When voice mode is used, audio is transcribed and then deleted. Lontra does not keep raw audio archives.
Retention policy
Configurable retention per data type. Employees can request a copy of their growth thread.
Access and permissions
Permission-based access aligned with your organization model. SAML/OIDC SSO and SCIM provisioning supported.
Human validation
Critical actions and productions are validated by humans. Lontra does not ship sensitive content unsupervised.
Integrations and sub-processors
A current list of sub-processors is available under NDA. We notify customers in advance of material changes.
Documents available for security review
Security questionnaire responses, architecture diagrams, DPA template, sub-processor list — available on request.
Signals inform human decisions. They never replace them.
Next step
Start with one loop.
One population. One business question. One measurable output.
A company that teaches itself.