Security Policy

Effective April 22, 2026

How Workbench (operated by Lynkr Inc.) protects customer data, the systems we connect to, and the operations we run on your behalf. This page describes the program at a summary level — we're happy to walk through it in detail under NDA.

1 · Overview

Security is a first-class part of how Workbench is built and operated. Our program is designed around the principles of least privilege, defence in depth, and explicit authorization for every action a crew member takes in your systems. This policy describes the controls we apply across people, process, and technology.

2 · Security governance

Security is owned by Lynkr's engineering leadership, with accountability up to the executive team. We maintain internal policies covering acceptable use, access control, change management, vendor management, incident response, business continuity, and secure development. Policies are reviewed at least annually.

3 · People and access

All Lynkr personnel with access to production systems undergo background checks where legally permitted, sign confidentiality agreements, and complete security awareness training. Access to customer data is granted on a need-to-know basis, reviewed regularly, and revoked promptly on role change or departure.

Administrative access to production requires SSO with phishing-resistant multi-factor authentication, is scoped by role, and is logged.

4 · Data protection

Customer data is encrypted in transit using TLS 1.2+ and at rest using industry-standard algorithms (AES-256 or equivalent) provided by our cloud infrastructure providers. Secrets and credentials are stored in a managed secrets service with strict access controls and rotation.

We segregate customer environments where applicable and apply least-privilege defaults to every integration scope.

5 · Infrastructure

Workbench is hosted on reputable cloud providers (including Vercel and other SOC 2 / ISO 27001-certified providers) in Canada and the United States. Infrastructure is provisioned as code, production networks are isolated from development networks, and administrative access is audited.

Backups and disaster-recovery snapshots are taken on a regular cadence. Restoration procedures are tested periodically.

6 · Integrations and least privilege

Workbench connects to third-party systems (such as ERP, accounting, payroll, and project-management tools) using the narrowest set of permissions required to perform the work you've authorized. Connections use OAuth, API keys, or vendor-supported integration mechanisms — never shared user passwords where a safer option exists.

You control which integrations are connected and can revoke access at any time. Actions taken by a crew member in your systems are logged for audit.

7 · Secure development lifecycle

Code changes follow a peer-reviewed pull-request model with required approvals and automated checks. We use dependency scanning, static analysis, and secret scanning in CI. Security-sensitive changes undergo additional review. Production deployments are automated, logged, and reversible.

8 · AI and automated-action safety

Where crew members take automated action, we apply safeguards appropriate to the risk: scoped permissions, confirmation steps for high-impact actions, rate limits, and human-in-the-loop review for configured decision points. Outputs are probabilistic — your administrators configure review gates suited to your environment. We do not train third-party foundation models on customer data, and we do not use customer data to improve models offered to other customers except where expressly permitted by the applicable agreement.

9 · Logging and monitoring

We log access to production systems, administrative actions, and the actions crew members take on your behalf. Logs are retained for a reasonable period, access to logs is restricted, and anomalous activity generates alerts for investigation.

10 · Vulnerability management

We monitor security advisories for our dependencies and infrastructure, and triage and remediate vulnerabilities based on severity and exploitability. High-severity issues are prioritized and tracked to closure. We engage third-party testers periodically.

11 · Incident response

We maintain a written incident-response plan covering detection, triage, containment, eradication, recovery, and post-incident review. If we confirm a security incident that materially affects customer data, we will notify affected customers without undue delay in accordance with applicable law and our contractual commitments, and will work with them on remediation.

To report a suspected vulnerability or incident, email security@lynkr.ca.

12 · Business continuity

We maintain business-continuity and disaster-recovery plans designed to preserve the availability of the Services and the integrity of customer data in the face of infrastructure failures or other disruptive events. Critical vendors are assessed for their own continuity and redundancy practices.

13 · Sub-processors and vendors

We work with a small set of trusted sub-processors to deliver the Services (including cloud hosting, email delivery, and analytics). Material sub-processors are reviewed for security posture and are bound by contract to handle customer data only under our instructions. A current list of material sub-processors is available on request under NDA.

14 · Shared responsibility

Security is a partnership. You are responsible for (a) protecting the credentials and devices used to access the Services, (b) configuring integration scopes, review gates, and visibility settings appropriately for your organization, (c) ensuring you have the legal right to connect the data sources you authorize, and (d) reviewing Outputs before relying on them for consequential decisions. We are responsible for operating the platform described in this policy.

15 · Contact

For security questions, vulnerability reports, or to request detailed documentation under NDA:

Lynkr Inc.
Attn: Security
Toronto, Ontario, Canada
security@lynkr.ca