ProductManagerHubProductManagerHubBack to Home

Security Commitment

Last updated: February 9, 2026

ProductManagerHub is built for product leaders who handle sensitive competitive strategy, roadmaps, and executive decisions. Security isn't an add-on — it's foundational to everything we build.

Our Promise

We don't store your queries. Your strategic questions are processed in-memory and immediately discarded.
Your data never trains AI models. We never use customer interactions to train, fine-tune, or improve any AI system.
No conversation history. We maintain zero records of what you asked or what we answered.
Minimal data collection. We only log which tool was used and when — never the content of the request or response.

Security Principles

Zero Knowledge Architecture

We never see your queries or responses. All strategic conversations pass through the MCP protocol directly to your local AI client. No content is logged, stored, or inspected.

Encryption Everywhere

All data is encrypted in transit using TLS 1.2+ and at rest using AES-256. API keys are hashed before storage — we cannot retrieve your raw key.

Infrastructure Security

Hosted on enterprise-grade cloud infrastructure with SOC 2 certified providers. Regular security patching, dependency audits, and penetration testing.

Access Controls

Principle of least privilege for all infrastructure access. Multi-factor authentication required for all team members. Audit logs for administrative actions.

Compliance

SOC 2 Type II compliance in progress. GDPR-aware data handling for European users. Regular third-party security assessments.

Incident Response

Documented incident response procedures. Commitment to notify affected users within 72 hours of a confirmed data breach. Regular tabletop exercises.

How Your Data Flows

1

You ask a question

Your query goes from your AI client (Claude, Cursor) to our MCP server over an encrypted connection.

2

We process in-memory

The request is matched against our curated knowledge base entirely in-memory. No query content is written to disk or logs.

3

Response delivered

The strategic guidance is returned to your AI client. The response is not stored, cached, or logged on our side.

4

Memory cleared

All request and response data is immediately discarded from memory. Only a metadata entry (tool name + timestamp) is retained for usage tracking.

Responsible Disclosure

If you discover a security vulnerability in ProductManagerHub, we appreciate your help in disclosing it responsibly. Please email us at ludwigad@productmanagementhub.io with details of the vulnerability.

We commit to:

  • Acknowledging your report within 48 hours
  • Providing a timeline for remediation
  • Keeping you informed of progress
  • Not pursuing legal action against researchers acting in good faith

Security Questions?

For security-related questions or concerns, contact us at ludwigad@productmanagementhub.io. For enterprise security reviews or to request our security documentation, please include “Security Review” in your subject line.