Empire Automate
Start With A Blueprint

Trust & Security

Sensible guardrails for AI at work.

Trust starts with sensible defaults: limited access, human approval, clear logs and honest conversations about what AI should and should not do.

Security posture

The default posture is conservative.

We design each hub around the least access required, clear approval points, and a visible record of what happened. The exact controls are confirmed during Blueprint.

01

Least-privilege access

Integrations are scoped to the workflow. We avoid broad admin access where narrower permissions work.

02

Human approval

Sensitive outputs and external actions route through approval queues before they leave the hub.

03

Audit trail

Workflow history, approvals, outputs and agent activity are logged so work can be reviewed.

04

Residency-conscious builds

Australian-region infrastructure and model choices can be designed around your constraints.

AI drafts, prepares, checks, summarises and routes. Humans approve important outputs and sensitive actions.

Core Empire Automate principle

Data handling

We minimise what we touch.

Your hub is configured with the minimum data access required for each workflow. Connections to your tools use scoped, read-or-write-as-needed permissions, never blanket admin credentials when narrower scope works.

Sensitive fields can be redacted, masked or excluded from AI prompts. Logs capture which AI agent saw which data, when and what it did with it.

Hosting & data residency

Designed for your constraints, not ours.

Hosting and data residency options depend on the systems, models and integrations selected for your hub. Where required, we can design for Australian-hosted infrastructure and data-residency-conscious implementation, confirmed during your Blueprint before any contract is signed.

For many clients, the underlying components are Microsoft Azure Australia-region, AWS Sydney or equivalent Australian-region cloud infrastructure. Model providers are selected based on your data sensitivity and residency requirements.

Access & permissions

Least-privilege by default.

  • Role-based access for your team inside the hub
  • Scoped integration permissions per tool
  • Credentials, secrets and tokens stored securely using appropriate secret-management controls
  • Per-workflow access boundaries

Audit logs & approvals

Auditable by design.

  • Approval queues for sensitive outputs
  • Draft-only modes where nothing sends without review
  • Output history retained per workflow
  • Reviewer assignments and escalation rules
  • Prompt and version tracking
  • Workflow-level monitoring and alerts

Data ownership & exit

You own your data. Always.

Your business data, documents, records, prompts, configurations, knowledge bases, audit logs and workflow data built from your content are yours. If you cancel, we provide an export and handover process documented during onboarding.

Empire Automate retains the reusable framework code, but never the business-specific data, configuration, prompts or knowledge you have built up inside the hub.

Commercial trust

The contract layer.

For larger or compliance-sensitive engagements, Empire Automate provides a security and data-handling overview, master service agreement, data processing addendum and implementation-specific risk controls during the Blueprint.

Insurance & cover

Professional indemnity and cyber insurance. Current cover details available on request during the Blueprint.

Standard contracts

Master Service Agreement, Data Processing Addendum and confidentiality terms available on request.

Support & incident response

Documented support expectations and incident response process by engagement shape.

Termination & export

Documented export and handover process at the end of engagement. Your data and audit history remain exportable.

Availability

Availability targets, status reporting and incident notification are agreed for the managed retainer.

Confidentiality

Mutual NDA available before Blueprint where required. Standard confidentiality terms are built into the MSA.

Approval boundaries

What AI should not do without approval.

By default, your hub is configured so the following actions require human approval before execution. The list is configurable per workflow during Blueprint.

  • Sending sensitive client or customer messages
  • Issuing refunds or credits
  • Changing financial data or records
  • Deleting any records or files
  • Submitting official documents externally
  • Sending bulk communications
  • Making HR or payroll changes
  • Making legal, financial or clinical recommendations
  • Changing compliance records
  • Approving payments
  • Sending client-ready reports in high-risk contexts

Some clients widen these defaults; some narrow them further. Default posture is conservative.

Have a security or compliance question?

We are happy to walk through trust questions in detail before the Blueprint, particularly for accounting, finance, compliance and legal/admin-heavy buyers.

Start With A Blueprint Ask A Question First