Still Needs a Human is a multi-tenant translation quality platform. Every workspace is isolated, we keep the least data we can, and access is authenticated and role based. This page describes the actual practices, not a badge on a wall.
We are a working SaaS, not a certification. Rather than claim audit badges we cannot yet show, here is exactly how your content is handled at each layer, from the workspace boundary to the AI judge.
Each customer works inside its own workspace. Profiles, QA configs, uploaded files, and reports are kept to that tenant and are not visible to any other workspace.
We process your bilingual files to run QA and produce a report, and no more. We do not sell your data, and we do not train shared models on it across customers.
The app is authenticated. Sign-in is per workspace, and role-based access scopes what each admin, reviewer, and viewer can see and do.
From the moment a bilingual file lands to the moment a report is produced, here is where your content lives and what touches it.
Every profile, configuration, uploaded file, and report belongs to a single workspace. There is no shared pool of customer content, and one tenant cannot read another tenant's data. The default workspace remains exactly as it was, untouched by tenant additions.
Uploaded bilingual files are processed to run QA and generate results for your workspace only. They are not shared across workspaces, not sold, and not used to train shared models. We keep the least data needed to do the job and give you the report.
The application requires authentication. Sign-in is per workspace, and roles decide what each member can reach. Admins, reviewers, and viewers see only what their role and their workspace allow.
Deterministic rules do most of the work with no model involved. When the optional AI judge is used, it is opt-in, and untrusted document text is fenced before it ever reaches the model, so content in your files cannot be treated as instructions to the system.
The AI judge only runs when you choose to use it. Rule-based checks run without sending your content to any model.
Untrusted text from your files is isolated as data before it reaches the model, so it cannot hijack the instructions or leak across segments.
The model proposes, your reviewer confirms or overrides. No verdict is final without a person, by design.
Connections use scoped tokens. An editor or TMS integration is granted only the access it needs to read the content under check, and nothing wider.
Integration credentials belong to the workspace that set them up. They are not shared with, or reused by, any other tenant.
Integrations are added by your workspace and can be removed by your workspace. Revoke access and the connection stops.
We describe practices, not certifications. We are not claiming SOC 2 or ISO 27001. If a specific control matters for your procurement, ask us and we will tell you exactly where we stand.
If you believe you have found a security issue in Still Needs a Human, we want to hear from you. Please report it privately first, give us a reasonable window to respond, and avoid accessing or changing data that is not yours while you investigate.
Procurement checklist, data handling, integration scopes, or where we stand on a specific control. Send it over and we will answer plainly.
Already a customer? Sign in to manage your workspace and integrations.
The fastest route is our contact page. Tell us your stack and your question, and the right person will reply.
Go to contact