Get started
Security & Privacy

The faster, safer way to let AI work with your data.

Most teams aren't held back by a lack of interest in AI — they're held back by how to give it access to real data without creating new risk. Actioner is built so that question has a clean answer. Intelligence comes to your data; your data does not get pooled, copied, or handed over. And because the AI proposes rather than acts, you stay in control of anything that leaves your hands.

What a reviewer usually asks

Four questions, answered by design.

Each concern below is addressed by how the product is built — not by a policy you have to trust us to follow.

Access scope

Can it see more than the employee should?

No. The AI reaches each system through the user's own credentials, so it inherits exactly their existing permissions — never more.

Data residency

Where does our data actually live?

On the user's own machine. Actioner is a local desktop app; credentials and captured data sit in an embedded store on the device, not in our cloud.

Retention

Do you keep a copy we'd have to account for?

No. Data in transit is proxied, not stored. Actioner retains no customer data — and the relay itself can be self-hosted to remove us from the path.

Attack surface

How many new integrations are we exposing?

Far fewer. Data is reached in place via connectors rather than replicated tool-to-tool, so there are no standing copies spread across systems to defend.

How access works

The AI sees what you see — nothing more.

The common pattern aggregates everyone's data into one store and points a model at the pool. Actioner doesn't aggregate; access is scoped to the individual's own credentials.

Figure 1 — Access modelAggregate pool vs. scoped access
Typical Aggregate & grant
data from many users
↓ copied into
one shared data pool
↓ AI reads across everyone's data
Actioner Scoped access
each user's own credentials
↓ used to reach
only what that user may access
↓ AI sees only their permitted data
How data moves

Proxied by default. Never stored. Self-hostable.

The connector architecture relays data between Claude and the user's machine. That relay is a pass-through — data crosses it, but Actioner keeps none of it. Teams that don't want data crossing our infrastructure at all can run the relay themselves.

Figure 2 — Data pathDefault vs. self-hosted relay
Source of truth
User's machine & connected tools
relay
Pass-through only
Actioner proxy (nothing retained)
request
Reasoning
Claude
Default: data is proxied through Actioner because the connector design needs a relay to function. It moves through; it is not stored with us, and no customer data takes up residence in our systems.
Option — self-hosted relay: run the proxy on your own infrastructure and the flow between Claude and the user's machine bypasses Actioner entirely. The data path then never touches our systems.
Who's in control

AI proposes. You decide.

The other worry isn't where data goes — it's what the AI might do. When you're communicating on behalf of customers, an autonomous agent acting on its own is a real risk. Actioner is built as an assistant, not an autonomous agent: it does the analysis and the legwork, then hands you a decision with the evidence behind it. The action is always yours.

Figure 3 — Who actsAutonomous agent vs. you hold the action
Typical Autonomous agent
the model is handed action tools
↓ so it can
act on its own — send, change, commit
↓ the result lands before you see it
Actioner You hold the action
the model gets compose-only tools
↓ it drafts & you
review, edit, then click to execute
↓ nothing leaves without your hand on it
By design, not by policy: Actioner's own tools never act on the outside world for you. To send an email, Actioner gives the AI a tool that composes a draft — never one that sends it. Sending is a separate action that only fires when you've reviewed the draft, edited it as needed, and clicked send. The AI can't send through Actioner because Actioner never hands it that ability.
Evidence with every decision: each proposal comes with the supporting context behind it, so you can verify why before you act — not approve blind.
Why this is lower-risk

Reaching data in place beats copying it everywhere.

The usual way to give AI a complete picture is to integrate tools and replicate their data into one place. Every copy is a new liability. Actioner avoids the copies.

Dimension Integrate & replicate Actioner — reach in place
Data copies Standing copies spread across many systems Reached on demand, then gone — no standing copies
Access scope Model reads a shared, aggregated pool Scoped to each user's own credentials
Breach blast radius Vendor breach exposes pooled customer data No pooled data to expose; relay holds nothing
Maintenance Brittle integrations to build and keep alive Connectors reach the source directly
Residency Data lives in the vendor's cloud Data stays on the user's machine
Quick checklist for security & IT

Seven things you can verify.

Permissions: AI inherits the user's existing access — no elevation.
Residency: credentials and data stored locally on the device.
Retention: no customer data retained by Actioner.
In transit: proxied pass-through; self-hostable to remove us entirely.
Aggregation: none — no shared pool across users or customers.
Surface area: data reached in place, not replicated across tools.
Control: AI drafts, never acts — outward actions need explicit human approval.

This overview describes Actioner's architecture and intended data handling for evaluation purposes. For formal security review, request current documentation, subprocessor details, and any compliance attestations from your Actioner contact before deployment.

The bottom line for approval

A way to say yes to AI — without the trade-off.

If your team is being asked to enable AI but stuck on how to do it safely, the friction is almost always about data: where it goes, who can see it, and what's left behind. Actioner removes that friction rather than adding to it.

It's faster — nothing to migrate, no integration project to staff. It's safer — access is scoped to the individual, data stays local, nothing is retained, optionally not even in transit, and the AI proposes while your team keeps the final action. It's the same frontier model your team already wants, working over complete data without pooling it anywhere.