Skip to main content
Agents that run shell, browse the web, and touch your SaaS need a security model that holds up. HQ isolates every conversation in its own machine, keeps your data in the region you choose, and writes an audit trail under every action. For how this fits the rest of the architecture, see How HQ works.

A machine per conversation

Most platforms isolate customers with software boundaries on shared infrastructure. HQ goes a layer deeper: the boundary is a separate machine per conversation.

Hardware isolation

Every conversation runs in its own microVM, isolated at the hardware level — not just a separate process on a shared kernel. It’s the same isolation primitive behind serverless platforms at scale.

Nothing crosses over

Each thread gets its own microVM, memory, and identity. Nothing is shared between workspaces, and a sandbox is torn down when its work is done.

Resumable, not persistent

Sandboxes snapshot and resume, so state persists for a conversation without persisting on shared infrastructure.

Controlled egress

Egress is controlled and country-pinned, so an agent reaches only what you allow, from where you expect.

Bound identity and a tamper-evident audit log

Identity and audit are the spine, built into every action rather than bolted on after. Every agent action carries an identity chain — who asked, which agent acted, on whose authority, and what it touched — and lands in an immutable audit log that cannot be edited after the fact. The result is a full, exportable history for your security and compliance teams. Every integration credential is encrypted at rest and scoped to a single tool. Authorize only what you want, revoke at any time, and toggle integrations per workspace. → Permissions are scopes; the record is the Audit API.

EU or US data residency

You choose the region your data lives in. HQ runs two separated, isolated datacenters — one in the EU and one in the US — on hardware operated end to end, with no dependency on a hyperscaler in another jurisdiction. Your data stays in the region you choose.
Data is encrypted in transit and at rest, and is never used to train models.

Compliance

  • EU AI Act — an identity chain, immutable audit log, and human oversight give the traceability and accountability the Act expects from higher-risk AI. Built for it from the start, not bolted on.
  • GDPR — data residency, per-tool credential scoping, and edit, delete, and freeze controls support your data-protection obligations.
  • Independently certified — audited and certified to ISO 27001, ISO 14001, and ISO 9001 by an accredited registrar.