Flatland is designed for a finance audience that cares about who touches the numbers. The architectural decisions below are how we make “your data is your data” structurally true, not a checkbox.
Your model JSON files live in ./flatland/models/on your disk. We don't persist your model contents on our servers. The compile runs in memory against the IR you send and returns. Nothing of your model lingers in our cloud.
The live system heartbeat (the cycling mark, the compile log on flatlandfi.com) broadcasts only anonymized counts: compile id, region, driver count, latency bucket, assertion pass/fail count. Driver names, model contents, formulas, and user identifiers never leave your browser or your agent.
We log timestamps, endpoint called, response status. We do not log the body of your API requests; your driver values, formulas, or computed results are not in our logs.
Per-key authentication boundary. Each API key is a logical tenant. Cross-tenant access is architecturally impossible: there is no shared model store that two keys can both read from. (This is what makes the platform-tier embedding model on /platforms tractable.)
TLS on every API call. HTTPS-only on flatlandfi.com (HSTS). Stripe handles all payment data; we never see or store card numbers.
Flatland does not call any LLM. The engine is pure deterministic computation. Your AI agent (Claude, Cursor, etc.) calls Flatland; Flatland computes; the answer returns. We have no relationship with your AI provider and your AI provider has no direct relationship with us.
Honest discipline applies here too. The list below is what we do not currently claim. If you need any of these to deploy Flatland inside your organization, talk to us; we'll tell you where we are.
No system is perfectly secure. If you discover a vulnerability, please disclose it responsibly to info@flatlandfi.com. We will respond as quickly as we can and work in good faith with you on mitigation and credit.
Specifically of interest: anything that breaks the tenant-isolation guarantee, anything that exposes model contents from one tenant to another, anything that bypasses the spending cap, anything that lets an unauthenticated caller produce a compile.
