Governance and security.

The communications of a senior executive are a material asset. These are the controls that govern how Black Jacket AI Intelligence handles them.

Data residency — Canada Central.

Primary data store: All analysis data — scan results, classifications, and AI insights — is stored in Microsoft Azure infrastructure in the Canada Central region. This satisfies Canadian data residency requirements for the primary data store.
Microsoft 365 tenant: Microsoft Graph API calls reach the executive's Outlook tenant in whatever region the M365 tenant is provisioned to. This is outside Black Jacket AI Intelligence's control and is disclosed here.

In transit: TLS 1.2 or higher, enforced at the application layer by Azure App Service. All communications with Microsoft Graph and the Anthropic API are encrypted end-to-end.
At rest: AES-256 encryption provided by Azure Cosmos DB. OAuth refresh tokens receive a second layer of encryption using envelope keys stored in Azure Key Vault — the token in the database cannot be decrypted without the corresponding Key Vault reference.

Authentication method: Access is granted through Microsoft OAuth via Azure Active Directory. No passwords are created or stored. OAuth tokens are never serialized to the client.
Session policy: Sessions last 12 hours with a sliding window. Re-authentication is required beyond that window. Session cookies are httpOnly, secure, and sameSite=lax.
API security: Every API route verifies the authenticated session and confirms the requesting account owns the resource being accessed. Requests without a valid session receive a 401 response.

Communications metadata and classifications: 12 months from scan completion. Deleted automatically via TTL index — no manual action required.
Scan job records: 24 months. The job record (metadata only, without communications content) is retained for trend reporting across analysis windows.
AI insights: Tied to the lifetime of their scan. Deleted with the scan at the 12-month boundary.
Account records: Retained until explicit deletion request from the account holder.

What is included: Account record, all scan results with classifications, all AI insights generated, and any codified delegation rules. Delivered as a structured ZIP archive with a schema reference.
How to request: Available from the Configuration section once connected. The export is generated on demand, stored in Azure Blob Storage as a signed link, and delivered by email.
Export retention: The export file is held for 7 days, then deleted from Blob Storage.

Deletion scope: Deletion covers the account record, all scan data, all AI insights, all codified rules, and all audit log entries associated with the account.
Irreversibility: Deletion is irreversible. All data is permanently removed within 30 days of the request. There is no recovery path once deletion is confirmed.
How to request: Available from the Danger Zone section of Configuration once connected.

Email body text is not stored. Only metadata — sender, recipient, subject, timestamp, thread ID — is persisted.
Attachments are not accessed or stored.
Calendar data, contacts, and files are not accessed.
No data is sold, shared with third parties, or used to train models.

Access opens in a later version. Request a slot for the preview cohort.