Security
Your data stays yours.
Surplus handles grants finance data — payroll, donor terms, restricted funds. Here's how we treat it. No badges we haven't earned; just the practices in place today.
Data residency
Choose UK or EU region when you create your workspace. Your data — files, drafts, model context — is stored and processed only within that region. No cross-region replication without your explicit request.
Encryption
TLS 1.3 in transit. AES-256 at rest. Per-workspace encryption keys managed via our cloud provider's KMS. Backups are encrypted with the same standard.
No training on customer data
Your files, prompts, and generated outputs are never used to train foundation models — ours or any provider's. Model calls are made with zero-retention agreements where the provider supports it.
Retention controls
Set a workspace-wide retention window (30, 90, 365 days, or indefinite). Hard-delete on request within 30 days. Deleted content is purged from backups on the next rotation cycle.
Access & audit
SSO / SAML on Scale. Role-based access within workspaces. Full audit trail of who read what and when, exportable on request.
Sub-processors
A short, current list is maintained and shared under NDA. We give 30 days' notice before adding a new sub-processor that handles customer content.
Questions from your security team?
Email security@withsurplus.com for our sub-processor list, DPA, and questionnaire response pack.
Responsible disclosure: please report vulnerabilities to the same address.