Why You Can Trust Clancy: Built for Human Oversight & Secure Access

When you're considering digital employees for your business, trust isn't just about technology—it's about knowing you're always in control. Here's how Clancy is designed from the ground up to keep humans in the loop while maintaining robust security.

Human-in-the-Loop by Design

The most important security feature isn't a certification—it's that nothing happens without your knowledge and approval.

Always Ask, Never Assume

• Pre-Approval Workflows: Digital employees request permission before taking any significant action
• Real-Time Notifications: Get instant alerts when your digital employees need guidance
• Approval Queues: Review and approve batches of actions before they execute
• Escalation Paths: Complex decisions always route to the appropriate human supervisor

Transparent Decision Making

Every action your digital employees take is:

• Logged with Context: Full audit trail of what was done and why
• Reviewable in Real-Time: Monitor ongoing work through our dashboard
• Reversible When Possible: Clear rollback procedures for most automated actions
• Explainable: Plain English explanations of every decision made

Secure Access Through OAuth

Clancy never stores your passwords or raw credentials. Instead, we use industry-standard OAuth flows that put you in control.

How OAuth Protects You

1. You Control Access: You explicitly grant permission to specific systems
2. Limited Scope: Each digital employee only gets access to exactly what they need
3. Revokable Anytime: Disconnect access instantly from your existing systems
4. Encrypted Storage: Access tokens are stored with enterprise-grade encryption
5. Automatic Expiration: Tokens refresh automatically or expire for security

Example: Customer Service Digital Employee

Granted Permissions:
✅ Read customer emails (Gmail)
✅ Create support tickets (Slack)
✅ View customer profiles (CRM)

Not Granted:
❌ Send emails on your behalf
❌ Delete customer data
❌ Access financial information
❌ Modify pricing or contracts

Principle of Least Privilege

Every digital employee operates with the minimum permissions necessary to do their job—nothing more.

Scoped Permissions

• Task-Specific Access: Each digital employee only accesses systems relevant to their role
• Time-Limited Sessions: Connections expire and require re-authorization
• Read vs. Write: Many tasks only require read access to gather information
• Granular Controls: Fine-tuned permissions for each integration

Permission Examples

Accounting Assistant:

• QuickBooks: Read invoices, Create expense reports
• Gmail: Read receipts folder only
• Slack: Post to #accounting channel

Sales Coordinator:

• CRM: Read contacts, Update deal stages
• Calendar: Create meetings, Send invites
• Email: Send follow-ups (with approval)

Built-in Security Measures

While we don't claim certifications we don't yet have, we implement security best practices:

Technical Security

• End-to-End Encryption: All data encrypted in transit and at rest
• Secure Authentication: Multi-factor authentication for all administrative access
• Regular Security Updates: Automated security patches and monitoring
• Isolated Environments: Each organization's data is completely separated

Access Controls

• Role-Based Permissions: Different access levels for admins, managers, and users
• Session Management: Automatic logout and session expiration
• API Rate Limiting: Protection against abuse and system overload
• Audit Logging: Complete record of all system access and changes

Deployment Options for Your Comfort Level

Cloud-First Approach

• Shared Infrastructure: Cost-effective option with strong tenant isolation
• Managed Updates: We handle security patches and system maintenance
• Global Availability: Access your digital employees from anywhere
• Automatic Backups: Your data is continuously protected

Future Enterprise Options

• Dedicated Infrastructure: Isolated cloud environment for sensitive workloads
• VPN Integration: Direct connection to your existing network infrastructure
• Custom Security Controls: Integration with your existing security tools

Getting Started with Confidence

Start Small, Scale Smart

1. Pilot Program: Begin with a single digital employee and limited scope
2. Monitor & Learn: Watch how the system works with your existing processes
3. Gradual Expansion: Add more capabilities and digital employees over time
4. Full Integration: Scale across your organization with proven confidence

What You'll Always Control

• Which systems your digital employees can access
• What actions they can take in each system
• When they need to ask for approval
• How they communicate with your team

Transparency & Trust

Open Communication

• Clear Documentation: Detailed explanations of how everything works
• Regular Updates: Transparent communication about platform changes
• Responsive Support: Direct access to our team when you need help
• Community Feedback: We listen and adapt based on user input

Your Data Rights

• Data Ownership: Your data belongs to you, always
• Export Capabilities: Download your data anytime
• Deletion Rights: Complete removal of your data upon request
• Privacy Protection: We only access data necessary for functionality

Building Trust Through Experience

The best security isn't a checklist of certifications—it's a platform designed to earn your trust through consistent, predictable behavior.

Every digital employee in Clancy is designed to:

• Ask before acting on anything significant
• Explain their reasoning in plain English
• Operate within clear boundaries you set
• Escalate appropriately when they encounter edge cases

Ready to experience transparent, human-controlled automation?

Start your pilot program or talk to our team about your specific trust and security requirements.

Questions about our security practices? Visit our Trust Center or schedule a security discussion.