Least-privilege integrations
Fern uses OAuth and read-oriented integration access where possible. Integration copy should explain why each requested permission exists before a customer connects a source.
Security
Fern handles Slack messages, emails, meetings, calendar events, and client context. Our security posture is built around least privilege, tenant isolation, audited access, and a clear separation between raw processing data and durable client intelligence.
Fern uses OAuth and read-oriented integration access where possible. Integration copy should explain why each requested permission exists before a customer connects a source.
Customer data is scoped by organization IDs throughout the application. We are hardening direct database policies and API routes so every sensitive query is explicitly organization-scoped.
Traffic uses TLS in transit, Supabase stores data encrypted at rest, and integration credentials are stored through WorkOS Vault rather than as plaintext application records.
Fern uses enterprise AI APIs for classification and summarization. We are verifying gateway-level data retention terms and adding provider-specific no-training/zero-retention controls wherever supported.
The architecture direction is an encrypted, short-lived processing buffer plus a processing ledger. Persistent product value should live in structured intelligence, not raw unrelated conversations.
Admins can disconnect integrations and request deletion today. Self-serve deletion, export, retention controls, support access grants, and audit logs are part of the active trust roadmap.