Security & trust

Plain-language security, no badges we haven't earned

PrimeWright runs your bid pipeline, which means it holds sensitive business data. Here is exactly how that data is protected — in plain language, with no invented certifications.

Tenant isolation, enforced twice

Every organization's data is isolated with Postgres row-level security — the database itself refuses to return another org's rows, not just the application code. Defense in depth: the app checks, and the database enforces.

Encrypted in transit and at rest

All traffic to PrimeWright runs over TLS. Data at rest — in the database and in object storage — is encrypted. BYOK API keys and sensitive onboarding documents are encrypted, never logged, and never returned to any client.

Your own key, handled carefully

If you bring your own Anthropic key, it's encrypted at rest, used only to run your jobs under your caps, and never displayed again once you save it — not to you, not to us, not in any log.

A private namespace for your files

Every document you upload or generate lives under your org's own private storage namespace. Other tenants cannot read, list, or reach into it.

Backups — with tested restores

Automated backups run on a regular schedule, and restores are actually tested, not just assumed to work. A backup nobody has restored is a guess, not a plan.

Server-side error monitoring

Errors are captured server-side so problems get caught and fixed quickly — monitoring the system, not your bid content.

Export or delete, anytime

Your data is yours. You can export it or delete it whenever you want — no support ticket required to get your own information out.

Public-record data only

PrimeWright processes public-record federal solicitation data from SAM.gov. No classified, CUI, or export-controlled material is stored — and none should ever be uploaded.

We don't claim certifications we haven't earned. No SOC 2 badge until there's a SOC 2 audit. If a claim isn't true yet, it isn't on this page.

Report a security concern

Found a vulnerability or have a security question? Email support@lunulasupply.com and we'll respond promptly.