Trust Center

Your data never
touches our servers.

DuluthPath is a pass-through intelligence layer. We connect with read-only OAuth2, stream computations across your data, and store derived intelligence only — never the source records themselves.

How the connection works

Read-only OAuth2 · streamed analysis · zero source persistence

Stage 1

Your system

SAP, Oracle, Salesforce, Blue Yonder — runs in your environment, untouched.

Stage 2

Read-only OAuth2

We authenticate with the narrowest possible read scopes. Tokens encrypted at rest.

Stage 3

In-flight analysis

Queries stream through our compute. Aggregates + signals are computed in memory.

Stage 4

Derived only

Only fill-rate %, churn scores, margin flags persist. Source rows discarded.

Data residency · in plain English

What we store · what we don't

What DuluthPath stores

What we never store

Connection metadata (encrypted)
Customer source records (POs, invoices, customer info)
Aggregate metrics (fill rate %, churn score)
Individual line items, GL entries, sales orders
Schema field names
Field values from your systems
Statistical summaries (min/max/avg)
Underlying records that produced the summaries
Anomaly thresholds + breach flags
The records that triggered the breach
Your derived intelligence outputs
Anything traceable back to a source row

Certifications & frameworks

Compliance posture

SOC 2 Type II

In progress

Audit window opens Q2

ISO 27001

Roadmap

Targeting Q4

GDPR

Compliant

EU data residency support live

HIPAA

Roadmap

Healthcare BAA available on request

Data access log

Every query DuluthPath runs against your systems is logged with the proof that 0 records were stored. Available inside your account at /settings/integrations.

// Sample log entry

org_id: ORG-4821

system: SAP S/4HANA

query_type: aggregate (fill_rate_30d)

records_queried: 847

records_stored: 0 ✓

timestamp: 2026-05-12 14:32:01Z

Want a deeper review?

Our security team will walk your team through architecture, threat model, encryption posture, and provide pre-filled vendor questionnaires. 30-min session, no slides.

Experience the onboarding →