Everything your reviewers need on one page. Mutual NDA, MSA, DPA, subprocessor list, data flow, security posture, and the technical reason leadership cannot read individual readings.
The architectural privacy guarantee.
Every other employee-survey vendor lets the admin flip a setting. We make the privacy a property of the system. There is no setting. Leadership cannot see individual answers because leadership cannot reach them.
How it works in one paragraph. When an employee takes the assessment, their answers, raw text, and keystroke data are written to a row keyed off their personal identity. The aggregation worker reads only across rows, never one. The leadership dashboard queries an aggregate-only view. The view rejects any query that would return fewer than five contributing rows. There is no admin role with read access to individual rows. The role does not exist. To grant it would require a database migration, a code change, and a deploy. We would tell you. You would say no.
Step 01
Employee row.
Each employee's reading lives at row-level. Encrypted at rest in Supabase Postgres. Bound to their own identity, not their employer.
Step 02
Aggregation worker.
Reads across rows. Computes counts, percentiles, distributions. Never returns single rows. Minimum group size enforced at the view level.
Step 03
Leadership view.
Queries the aggregate view only. Cannot SELECT individual rows. The role does not have the grant.
Architecture diagram and detailed access-control matrix are in the security one-pager available on pilot kickoff.
Documents.
Drafts available on request before the pilot conversation. Final versions executed at pilot signing.
Mutual NDA
Standard mutual NDA. Sent before the pilot conversation if you want one. Two-year term, mutual obligations, carveouts for residuals and independently developed material.
Master Services Agreement (MSA)
Pilot MSA covers the 90-day engagement. Annual MSA at conversion. Limitations of liability capped at 12 months of fees. Indemnification for IP and data handling. No auto-renewal without written consent.
Data Privacy Addendum (DPA)
GDPR-aligned. CCPA-aligned. Standard contractual clauses where applicable. Subprocessor list referenced and incorporated. Breach notification within 72 hours.
Security one-pager
Architecture diagram, access control matrix, encryption posture, incident response, business continuity, and the privacy proof above translated into compliance language.
All processors are US-hosted and bound by Data Processing Addenda. Updated when the list changes. Pilot customers receive 30 days notice before any new subprocessor.
Application logs retained 30 days. Access logs separated. No PII in logs by policy.
Vulnerability response
security@noctaracorp.com. We acknowledge within one business day. Patch SLAs follow CVSS severity.
Breach notification
Within 72 hours of confirmed material breach. Per DPA terms.
SOC 2
Type 1 readiness audit complete. Type 2 attestation in observation window. Letter of engagement available on request.
Data residency
All processors US-hosted. EU residency available on annual contracts.
Data deletion
On termination, customer data deleted within 30 days. Aggregate, non-individual statistical artifacts may be retained for benchmarks.
Biometric & behavioral data.
VEX reads how a team types. Keystroke timing. Edit patterns. Pause distributions. We address the legal questions head-on.
BIPA (Illinois) and analogous biometric laws. Keystroke dynamics are not voiceprints, faceprints, retina scans, fingerprints, or hand geometry. Most courts have held keystroke dynamics fall outside BIPA's enumerated categories. We obtain explicit informed consent at the point of assessment regardless. Our pilot terms include written employee-facing consent language pre-approved by counsel.
ECPA (federal). Employees consent to the assessment before it begins. The assessment is the artifact, not background monitoring. We do not capture keystroke data outside the assessment surface.
GDPR / UK GDPR. Lawful basis is consent for individuals plus legitimate interest for aggregate analytics. Subject access requests honored within statutory timelines. Right-to-be-forgotten executable on request.
Why this is different from monitoring tools. We do not record screen, audio, application use, or background keystrokes. We read the assessment session only. What ships to leadership is aggregate.
Your General Counsel will want to read the consent language and access matrix. Both are in the document pack.
Founder & team.
Cole Alexander Alkire
Founder. Architect of Noctara, Pupul, and VEX. Patent-pending behavioral identity compression engine. Marietta, Ohio. LinkedIn
VEX is built by Cole Alexander Alkire and Pupul, Inc. Patent application 64/048,624 filed April 24, 2026 with Rapacke Law Group covering the underlying behavioral biometric identity primitive.
Talk to us.
Procurement reviewers, security teams, and legal counsel: skip the form. Email directly.