Privileged stays
privileged.
Legal teams cannot put privileged material into a tool that might surface it to the wrong person. Astry enforces access physically, cites a source on every answer, and journals every request, so confidentiality is the architecture, not a promise.
Astry answers only from what you are cleared to see.
A cited source on every answer
Confidentiality is the architecture.
Privilege is not a setting you toggle. It is enforced by where files can and cannot go.
Privilege preserved
A cited source on every answer
Full audit trail per request
Walled by matter
Absent, not hidden
Runs in your cloud
How privilege is kept.
Five steps, on every request. No override, no exception.
- 01
Clearance by matter
Before anything runs, Astry resolves which matters the asker may open, straight from your source systems.
- 02
Physical projection per request
Only the cleared files are copied into a per-request sandbox. The model runs with that directory as its entire world, then the sandbox is destroyed.
- 03
Cited answers
The response is built from those files alone and lists each one. No source means no claim.
- 04
Append-only audit
The query, the files read and the answer are journaled to a log that cannot be edited or deleted.
- 05
Erasure on request (GDPR Art. 17)
Remove a matter and Astry's departure-kit tooling documents what was retrieved and erased, so you can answer a deletion request with a record.
Good to know.
Access is enforced at the filesystem level, not by a prompt. Before inference Astry copies only the files the asker is cleared to see into a throwaway per-request sandbox, runs the model with that directory as its world, then deletes it. A file outside the matter is physically absent, so no prompt can reach it.
Confidentiality as architecture.
See how Astry keeps privileged work privileged, in your own cloud.