Skip to main content
PeakPilot

Security and data use

Protection for client data and decision records.

PeakPilot separates organizations, checks access on the server and makes it explicit when data is shared or processed externally.

Access control

Client projects start at a controlled organization boundary.

Protected operations use the signed-in identity, active organization and role as the gateway to project data.

01

Identity and organization

A user must be signed in and have an active organization. Missing or invalid organization context is rejected.

02

Separation by organization

Projects, datasets and simulation results are checked against the active organization during protected operations.

03

Roles with a clear purpose

Admins manage members, billing and organization settings. Members work within the project workflow.

04

Browser protections

Security headers restrict unwanted content, embedding by other sites and unintended disclosure of referrer information.

Data flow

From source file to client advice: keep sight of the data flow.

PeakPilot processes the project data your team enters. Share only what is needed for the business client case.

  1. 1. Limit the input

    Import relevant interval data and project characteristics. Avoid free text or personal data that is not needed for the simulation.

  2. 2. Work within the client case

    Sources, units, scenario inputs and results remain associated with the project and active organization.

  3. 3. Publish deliberately

    Reports, exports and share links are created only by a user action. Review the content before sharing it with a client.

Share links

A share link grants access. Treat it that way.

A result link contains a random token, has an expiry date and can be revoked. Anyone with a valid link can view the shared result until the link expires or is revoked.

Choose an expiry date

When creating the link, choose how long the result remains available.

Revoke access

Revoke a link when its recipient or the advisory process changes.

Optional AI processing

AI Advisor does not sit between you and the simulation.

The simulation works without AI Advisor. External AI processing starts only after an organization admin enables the feature.

Off by default

Only an organization admin can activate AI Advisor and manage its provider settings.

Bounded input

The provider receives relevant project context, source metadata and aggregated simulation outcomes. Raw measurement rows and interval values are not sent.

A draft remains a draft

AI Advisor creates draft text. The adviser checks facts, assumptions and wording before using it in client advice.

Auditability

Secure work also means knowing what supports a conclusion.

PeakPilot keeps source data, scenario inputs, units and simulation results together, helping your team trace an outcome back to the selected client case.

Traceable calculation basis

Report blocks can be linked to a specific project, simulation result and result fingerprint.

Not an external certification

PeakPilot provides decision support. It does not replace a security audit, legal advice or independent validation of your client data.

Security questions

Clear boundaries for sensitive client cases.

These answers explain what the product does, what your organization controls and where additional checks remain necessary.

Can another organization retrieve my projects?

Protected project operations check the signed-in identity, active organization and the project's organization ID. A project outside that boundary is not returned as an accessible project.

Who can change organization settings?

Organization admins manage members, billing, tariffs and optional AI settings. Members can use the project workflow but do not have these administrative capabilities.

What can someone with a share link see?

A valid share link shows the saved snapshot of the shared simulation result and its project labels. The link is not tied to the recipient's identity, so use an appropriate channel and revoke it when needed.

Is AI Advisor required?

No. AI Advisor is off by default and is not required to set up projects, import data or run simulations.

Which data is sent to the AI provider?

Once enabled, AI Advisor can process relevant project context, aggregated energy and financial outcomes, and source metadata. Raw dataset rows and interval values are excluded from the AI evidence.

Does PeakPilot guarantee a secure client process?

No. Technical controls help, but your organization remains responsible for user management, data minimization, safe distribution of share links and review of reports.

Privacy in context

See which data PeakPilot processes and why.

The privacy policy explains data categories, purposes, processors and your rights.

Read our privacy policy