KSYAI
Trust & Compliance
Everything you need to evaluate us before signing an NDA. How we work with clients, where your data lives, what documents we can share, and the compliance posture we hold today.
Engagement Model
A free call, a paid assessment, then a fixed-scope production build.
We do not ask clients to commit to a build before they know what they are buying. The first conversation is a 30-minute call at no cost. If both sides see a fit, we move into a paid assessment. If the assessment is signed off, we proceed to production.
We are deliberately small. Every engagement is owned by a senior consultant, not a sales team. We are not the cheapest option in the market and we are not trying to be. We are the option that finishes what it starts.
Pricing is fixed-scope at every stage. The assessment is a fixed price; the build is a fixed price; ongoing support is monthly. We do not bill hourly.
- 01Discovery Call30-minute, no-cost conversation. We listen to the problem, you listen to how we work. No deliverables, no follow-up obligations.
- 02AI Opportunity AssessmentFixed-scope, 5-10 day report. We map your data, identify the highest-leverage modeling opportunities, and quantify expected ROI. The fee is credited toward a production engagement.
- 03Proof of ConceptOptional, fixed-scope. We train a baseline model on a subset of your data, validate against held-out history, and report measured performance. You keep the report either way.
- 04Production BuildFixed-price. End-to-end delivery: model training, application development, deployment, and team handoff. Includes 30 days of included support.
- 05Ongoing SupportOptional monthly retainer. Monthly retraining, drift monitoring, and feature work. Cancel any month with 30 days notice.
Data Architecture
Your data, your environment, your boundary.
Every model we train and deploy is private to the engagement. The architecture is your boundary: on your premises, in your private cloud tenant, or in a hybrid configuration you approve.
We do not train on aggregated cross-client data. We do not retain copies of your data or your model after handoff. The training data, the model weights, the inference logs, and the code all sit in your environment, governed by your access controls.
- Models are trained in your environment, on infrastructure you control.
- We do not retain copies of your data or your model artifacts after handoff.
- Inference logs, training data, and access credentials all live behind your existing access controls.
- If we ever work in a private cloud tenant, it is one you own, on terms you approve.
Documents
What we can share before you sign an NDA.
Three documents are available on request without an NDA in place. The full proposal template, the master services agreement, and the data processing addendum all become available after a mutual NDA is signed.
- Request documentMutual NDAOn requestOur standard mutual NDA, sent within 24 hours of a request.
- Request documentSample SOWOn requestA redacted sample statement of work from a previous engagement.
- Request documentPrivacy PackOn requestData handling summary, sub-processor list, and breach notification policy.
Compliance Posture
Where we are today, honestly.
We are a small team in the early years of building out formal compliance programs. Below is the current state of the work, with no claims we cannot back up.
- GDPR-aligned data handlingIn progress
- CCPA-aligned data handlingIn progress
- SOC 2 Type IIPlanned
- ISO 27001Planned
Compliance status last updated 2026-07. We refresh this page as the program progresses.