Your data has no neighbours.
Every organisation gets its own D1 database on its own Cloudflare account. One tenant’s incident stays one tenant’s incident — and if a connection breaks, the API fails closed.
getByocDb(org) → your D1, on your accountMost platforms protect one big database and hope the walls hold. sSystm never built the big database: every organisation’s records live in their own D1, on their own Cloudflare account. The blast radius of any incident is one tenant — by construction.
The actual provisioning model: a dedicated D1 per organisation, on that organisation's own Cloudflare account — verified against the code.
None of this is a compliance checkbox bolted on afterwards. Each one is how the platform is built —and each claim below is verifiable in the product.
Every organisation gets its own D1 database on its own Cloudflare account. One tenant’s incident stays one tenant’s incident — and if a connection breaks, the API fails closed.
getByocDb(org) → your D1, on your accountPick the EU at sign-in and your database is created with D1’s jurisdiction guarantee — infrastructure, not a privacy-policy promise. Verified after creation, immutable forever.
create { jurisdiction: "eu" } · verified after creationNo broad API key — the OAuth grant asks for 21 fine-grained scopes, each risk-labelled honestly: safe, risky or destructive. Read the full table before you grant anything.
21 scopes · 8 groups · risk-labelled in the docsYour Cloudflare tokens are AES-256-GCM-encrypted with a fresh IV each, under a key that lives only as a server secret. Decrypted the moment an action runs — never before.
AES-256-GCM · random 96-bit IV per tokenOne way in: Sign in with Cloudflare. No password form, no credential database to dump — your MFA and passkeys stay where they already live. Revoke the grant, and sSystm is out.
one way in: Cloudflare OAuthAI-proposed infrastructure operations are risk-classified — and anything not provably read-only waits as pending until a human approves. Who, when and every API call: recorded.
risky | destructive → pending_approval, alwaysTenant isolation isn't one wall — it's the same principle repeated at every layer of the stack:database, queries, vector search and real-time.
A single tenant boundary can fail. sSystm draws the same boundary four times, in four different systems — straight from the code:
One honest note: we don't wave compliance badges we haven't earned. What we claim is architecture — and every claim on this page can be checked against the product. For the contractual side, see our Data Processing Agreement.
The foundation above is live. On the road ahead, in the open: hardening session management, and extending the audit trail that already covers agent operations — who ran what, when, with every API call recorded — into one audit surface across the whole workspace.
Follow the changelogThe built-in Build AI and your own AI over MCP — same context, human in control.
Learn moreThe whole model end to end: sign in with Cloudflare, provision on your account, connect your AI.
Learn moreExactly what lives in your database versus the platform’s — described precisely, not rounded up.
Learn moreEarly access is rolling out gradually. Join the waitlist and your workspace is provisioned on your own Cloudflare account, in the region you choose — with every wall on this page already standing.
When you're in: no email, no password — one Cloudflare grant · core workspace free · your data lives in your own account