Antares OS reads a company's documents and answers from them through a cited Advisor (department AI employees on the same data are on the roadmap). That only works if the data handling is honest and specific. This page is the honest, specific version — current as of June 2026.
These are the external services that process your data, with where they run and what they do. The authoritative, version-controlled list ships in our DPA / security-review pack.
A note on the other AI providers. The app can store a Bring-Your-Own-Key for OpenAI, xAI, OpenRouter, and Google Gemini if you choose to add one, and our content-security policy allowlists their hosts so a saved key can be validated. Those keys are not used to run anything today— only Anthropic and Voyage back execution — so they are not Antares sub-processors. We would rather over-disclose this than let a host in our CSP read as a hidden data path.
The most sensitive secret you give us is your AI provider key. It gets its own application-layer encryption, on top of the platform's transport and storage encryption.
We encrypt the key in our application before it reaches the database, so a database compromise yields ciphertext only.
Your North Star, workflows, chats, documents, and metrics are stored in Supabase (Postgres) on US infrastructure.
To be precise: the application-layer AES-256-GCM above protects the BYOK key specifically. General business-data encryption rests on Supabase's platform encryption, not a second app-layer cipher.
LLM inference for the cited Advisor goes through your organization's own Anthropic key — a missing key returns an error (HTTP 412), never a silent fallback to ours. Document embeddings use your Voyage key when you supply one, otherwise a platform Voyage key. The same routing covers department AI employees when they ship.
Because inference runs on your own account, your prompts and completions are governed by your agreement with the provider, not pooled into ours. You hold the relationship with the model vendor; we hold the orchestration.
Every organization is its own tenant, scoped by organization_id. Direct reads run under Postgres Row-Level Security in the database; the server-side paths that use the service role — such as Advisor retrieval — enforce the same organization scope in application code and RPCs. Both layers gate every query to one tenant.
org_id: b7c…org_id: a1f…RLS policies live in the database migrations and gate every read and write by the requesting user's organization. A new tenant is tested in isolation before any real data is loaded.
No lock-in. You own your data while you are with us and you take it when you go.
We will not claim a certification we do not hold. Here is the real status of each item a diligence checklist asks about.
The full data-handling detail lives in our Privacy Policy. If your security review needs something this page does not cover, ask — we will answer in writing.
Antares records the evidence behind its own answers: which sources grounded a response, whether a citation was attached, how fast feedback was closed, and audit events. We will surface those as live numbers, per tenant.
Illustrative layout. These metrics go live per-tenant as the evidence store fills — no figures below are real.
No. LLM inference routes through your own Anthropic key, and your data is never used to train a third-party model. The knowledge graph the system builds from your documents stays private to your tenant.
You export everything. Request a full export of your data and we provide it, and we delete your tenant within 30 days of the request. There is no lock-in clause in the contract.
No. Every row of business data is scoped by organization_id — direct reads under Postgres Row-Level Security, and server-side service-role paths (like Advisor retrieval) under the same organization scope enforced in application code and RPCs. A query for one organization can never return another organization's rows.
The security-review pack — DPA plus the current sub-processor list — is in progress for the 2026 cohort. Email security@antaresos.app and we will share the latest draft.
We will share the DPA, the sub-processor list, and answer follow-ups in writing.