Your employees trust you with their honesty. We protect it.

Every architectural decision in Alignn starts with one question: could this ever identify an individual employee? If the answer is yes, we do not build it that way.

POPIA Aligned by Design · OHS Act Aligned · Anonymity by Design

AI Intelligence

Alignn uses AI to generate intelligence reports. Before any data is sent to the AI, it is aggregated, anonymised, and stripped of all identifying information. The AI receives numbers and patterns — never names, never individual scores, never anything that could identify a specific person.

personal data fields sent to AI

Names, user IDs, email addresses, and individual scores are removed before every AI call.

encryption on all open-text responses

Pulse survey comments are encrypted at rest. Even a database administrator cannot read them without the encryption key.

all AI calls are made server-side

No AI calls are made from the browser. All requests go through authenticated server routes. API keys are never exposed to the client.

Anonymity Architecture

Alignn applies a two-threshold anonymity rule across all reporting. This ensures individual employees are never identifiable through the insights their managers receive.

General insights — how a personality colour type typically behaves as a group — are shared freely regardless of group size. This is population-level behavioural knowledge, not individual identification.

Specific patterns — a score drop concentrated in one colour group, or a behaviour attributed to one type — are only referenced when 5 or more employees of that type exist in the team. Below that threshold, Alignn uses neutral language. The insight is never suppressed — only the colour attribution.
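The attribution rule above, sketched as an added example that is not Alignn's own code: per-employee rows are aggregated by colour group, and a score drop is always reported but only carries its colour when the group has 5 or more members. The field names, payload shape, sample rows and the one-point drop cut-off are assumptions; only the threshold of 5 comes from the page.

```javascript
// Added illustration, not Alignn's implementation. Field names are hypothetical.
const MIN_GROUP_SIZE = 5; // attribution threshold stated on the page

// Constructed sample rows as they might exist server-side before aggregation.
const member = (colour, i, prev, curr) => ({
  userId: `${colour}-${i}`,
  name: `Sample ${colour} ${i}`,
  email: `${colour}${i}@example.test`,
  colour, prev, curr,
});
const makeGroup = (colour, n, prev, curr) =>
  Array.from({ length: n }, (_, i) => member(colour, i, prev, curr));
const SAMPLE_TEAM = [
  ...makeGroup('red', 6, 8, 6),   // large group, score drop
  ...makeGroup('blue', 2, 7, 4),  // small group, score drop
  ...makeGroup('green', 5, 7, 7), // large group, stable
];

// Build the only object that would leave the server for the AI call.
function buildAiPayload(rows, dropCutoff = 1.0) {
  const groups = new Map();
  // Destructure only non-identifying fields; names, emails and IDs are never read.
  for (const { colour, prev, curr } of rows) {
    const g = groups.get(colour) ?? { n: 0, prev: 0, curr: 0 };
    g.n += 1; g.prev += prev; g.curr += curr;
    groups.set(colour, g);
  }
  const patterns = [];
  for (const [colour, g] of groups) {
    const meanDelta = (g.curr - g.prev) / g.n;
    if (meanDelta > -dropCutoff) continue; // no notable drop in this group
    const attributable = g.n >= MIN_GROUP_SIZE;
    patterns.push({
      kind: 'score_drop',
      meanDelta: Math.round(meanDelta * 10) / 10,
      // Below the threshold the insight stays but the colour is withheld.
      group: attributable ? colour : null,
      // Headcount is withheld too: a size of 1 or 2 would narrow the candidates.
      groupSize: attributable ? g.n : null,
    });
  }
  return { teamSize: rows.length, patterns };
}
```
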

Pulse survey open-text responses are encrypted with AES-256-GCM before storage. The encryption key is held separately from the database. A database administrator with direct access to the Supabase project cannot read the contents of any open-text response.

Safety reports are filed with no name attached at the point of submission. The reporter's identity is stored server-side in a separate field that is excluded from every manager-facing API endpoint. It is not possible for a manager to discover who filed a safety report through any feature of the Alignn platform.

Pulse survey responses are always anonymous. Safety reports are anonymous by default. The reporter's identity is stored server-side only for notification purposes and is never exposed to managers through any API endpoint.

Audit Trail

Every safety report, shift check, supervisor override, and status change generates an immutable, timestamped record. These records cannot be edited or deleted. They exist specifically so that after an incident — whether it is a CCMA dispute, an insurance claim, or a DoL inspection — you have a complete, credible account of what happened and what your organisation did about it.

Every shift check declaration is timestamped and trip-referenced. Supervisor overrides require a written reason and are append-only — they cannot be modified after submission.

Safety report status changes (acknowledged, under investigation, escalated, resolved) are all recorded with the manager’s identity, timestamp, and any written notes. Closure requires a written reason and a manager declaration.

Safety reports are retained for a minimum of three years at the database level. Deletion is blocked by a database constraint enforcing OHS Act Section 80.

The Fleet Human Risk Report is formatted for direct submission to an insurance broker and includes a legal boundary note on every generated report.

POPIA Alignment

Alignn is built for compliance with the Protection of Personal Information Act (POPIA). We collect only what is necessary to deliver the service, and every data processing decision is transparent and documented.

Every user has the right to access, correct, or delete their personal information. Company admins can exercise these rights on behalf of their employees through the Data Rights section in the admin panel.

Pulse survey responses are retained with a user ID for streak tracking and flight risk detection. This user ID is never exposed to managers. After 24 months, responses are anonymised and the user ID link is removed.

Alignn is designed in alignment with the Protection of Personal Information Act (POPIA). Cross-border data transfers are handled under POPIA Section 72, which permits transfers to jurisdictions that provide equivalent levels of protection. All transfers are documented and governed by appropriate safeguards.

Data retention: Assessment results are retained for the life of the account. Pulse responses are anonymised after 24 months. Safety reports are retained for a minimum of 3 years as required by the OHS Act.

OHS Act Alignment

Alignn's safety reporting module is designed to support compliance with the Occupational Health and Safety Act 85 of 1993. When a safety report is filed, Alignn automatically suggests the relevant OHS Act section for context and records the report with a tamper-proof audit trail.

Safety reports are retained for a minimum of 3 years with deletion prevention enforced at the database level. Company admins can export a date-ranged CSV at any time for Section 80 compliance.

Alignn is a reporting and awareness tool only. We do not replace a formal OHS management system, a registered Safety Officer, or the legal obligation to report serious incidents to the Department of Employment and Labour.

Data Hosting

All Alignn data is encrypted at rest using AES-256 and in transit using TLS 1.3. Database access is controlled via Row Level Security policies that enforce strict company-level data isolation. Your data is completely isolated from every other company on the platform — it is architecturally impossible for one company's data to appear in another's view.

Every database query is scoped to the requesting user's company via JWT claims. There is no API endpoint that returns data across company boundaries. Service role database access is restricted to server-side operations only and is never exposed to the browser.

Cross-border data transfers are handled in compliance with POPIA Section 72, ensuring your employees' data receives equivalent protection regardless of where it is processed.

Encryption at rest

AES-256

Encryption in transit

TLS 1.3

Access control

Row Level Security

Our Commitments

These are not aspirations. They are architectural constraints baked into how the platform is built.

Sell your data

Alignn does not sell, share, or monetise your company’s data or your employees’ data. Ever.

Share data between companies

Your data is isolated at the database level. No other company on the platform can access it, and you cannot access theirs.

Send personal information to AI

Names, email addresses, user IDs, and individual scores are stripped before every AI call. The AI sees aggregated patterns only.

Expose reporter identity to managers

Safety report and pulse survey anonymity is enforced at the API level. There is no manager-facing endpoint that returns reporter identity.

Allow deletion of safety records

Safety reports cannot be deleted for three years. This is a database constraint, not a policy — it enforces OHS Act Section 80 automatically.

Allow modification of audit records

Supervisor overrides, status changes, and closure declarations are append-only. Once written, they cannot be edited.

Use your data to train AI models

Alignn does not use your company’s data or your employees’ responses to train any AI model, including the Alignn AI model used to generate reports.