The trust architecture behind every Mitori engagement.

No. This is an architectural impossibility, not a policy promise.

Mitori's desktop agent reads window manager APIs to capture application names and window titles. The agent binary does not contain the code paths required to read file contents, email bodies, message text, clipboard data, or any form of document content. This capability does not exist in the software and cannot be enabled remotely.

No. Content capture is not a toggle or configuration option. Enabling it would require an entirely different agent binary \u2014 one that would need to go through your IT deployment and approval process from scratch. The agent your employees install is incapable of content capture by design.

All data is automatically and permanently deleted at the end of the engagement plus a 30-day buffer period. Clients can request immediate deletion at any time during or after the engagement.

Deletion is irrecoverable. Backups follow the same deletion schedule. A formal deletion certificate is provided upon request confirming all data has been permanently removed from all systems.

No. All data passes through an anonymisation boundary before it enters the analysis pipeline. This is a one-way process \u2014 once data is anonymised, it cannot be traced back to any individual employee.

Deliverables report at the role level and team level only. For example: "The sales team spends an average of 3.2 hours per day in CRM tools" \u2014 never "John Smith spent 4 hours in Salesforce on Tuesday."

Employees can withdraw consent and uninstall the agent at any point during the engagement. Their data is immediately excluded from all analysis. They can request permanent deletion of any data already collected.

No manager or team lead is notified of individual opt-outs. Participation rates are reported only in aggregate (e.g. "87% participation"), never at the individual level.

For EU/UK engagements, Mitori operates under the employer's legitimate interest basis (GDPR Article 6(1)(f)) with individual employee consent as an additional safeguard. A Data Processing Agreement (DPA) is executed before any engagement begins.

We provide a Data Protection Impact Assessment (DPIA) template for your Data Protection Officer. Mitori supports all individual rights under GDPR including access, rectification, erasure, and data portability.

By default, all data is hosted in AWS eu-west-1 (Ireland). For organisations with specific data sovereignty requirements, US and APAC hosting regions are available on request.

Data never leaves the designated region. All processing, storage, and backup occur within the same geographic boundary.

No. Mitori has not experienced any confirmed data breaches to date. We maintain a documented incident response plan with defined SLAs, and clients would be notified within 72 hours of any confirmed breach (24 hours for high-severity incidents) in accordance with GDPR Article 33 requirements.

Yes. We support multiple levels of security review:

• Third-party penetration test reports (available under NDA)
• SOC 2 Type II report (available upon completion of audit)
• Completed security questionnaires (SIG Lite, CAIQ, or custom formats)
• Live security architecture walkthrough with our engineering team
• Custom due diligence requests for enterprise procurement

The agent is a lightweight process that reads operating system window manager APIs (NSWorkspace on macOS, Win32 API on Windows) to determine the active application name and window title. It measures keyboard and mouse activity levels (events per minute) without logging individual keystrokes.

The agent requires no elevated privileges, no kernel extensions, and does not use screen capture or accessibility APIs that would enable content reading. It runs with standard user permissions and can be uninstalled by the employee at any time.

Mitori captures browser activity at the domain level only \u2014 for example, "notion.so" or "docs.google.com". We do not capture full URLs, page content, search queries, form inputs, or any browsing history beyond the domain name.

This is sufficient to understand tool usage patterns (e.g. "the team spends 2 hours per day in Notion") without exposing any private browsing content.

Yes. Mitori supports SAML 2.0 and OpenID Connect (OIDC) for dashboard and admin portal access. We integrate with all major identity providers including Azure AD, Okta, Google Workspace, and OneLogin.

We provide a standard Data Processing Agreement that covers most requirements. For enterprise engagements, we are happy to work with your legal team on custom terms, additional contractual clauses, or specific jurisdictional requirements.

Use the trust document request form on this page, or contact security@mitori.ai to start the process.

We make this as straightforward as possible:

• Request our trust document pack using the form on this page
• Review our penetration test report (available under NDA)
• Schedule a live security architecture walkthrough with our team
• Submit your security questionnaire \u2014 we typically return completed questionnaires within 5 business days