Book a call
TRUST & SECURITY

Built on Salesforce.
Data-resident. Audit-traceable.

The platform your security team already trusts. The data residency your procurement team already asks for. The audit trail your finance team already needs. Salesforce – the platform the world's largest enterprises trust with their most critical data.

Built for institutional AI · Powered by Salesforce · Modern and agile
THE FOUR PILLARS

What procurement teams
actually ask about.

Where the data lives. Who runs the AI. What it touches when it acts. Who can audit it. We answer all four.

01

Platform foundation.

Built on Salesforce – the world’s most documented enterprise SaaS data layer. ISO 27001. SOC 2 Type II. HIPAA-ready. PCI-DSS Level 1. FedRAMP. The compliance posture is inherited from Salesforce, not bolted on by Thynk.

02

Data residency.

Regional data residency is available, with separate primary and disaster-recovery regions. Aligned with GDPR and other regional privacy laws by architecture. Data residency contracts available for procurement review.

03

Access & identity.

SAML SSO. SCIM provisioning. Permission-aware AI – every AI agent inherits the same access controls as the human user it acts on behalf of. The model your security team will recognise.

04

Open data model.

Hundreds of published Salesforce objects, thousands of documented fields. Public OpenAPI specification. Postman collection. Bidirectional REST. Your data is your strategic asset – no black-box schema between you and your records.

INHERITED FROM SALESFORCE

Six compliance certifications.
Built in, not bolted on.

ISO 27001
Information security
SOC 2 II
Trust services criteria
GDPR
Data protection
PCI-DSS
Payment card security
HIPAA
Health information
FedRAMP
US federal cloud
AI YOU CAN LET INTO THE VENUE

What your procurement team
will ask about AI, answered.

TENANT-ISOLATED

Your data does not train Anthropic, Salesforce, or any model you have not chosen.

AUDIT-LOGGED

Every AI action is recorded on the record. Show your auditor.

CONFIGURABLE

Every AI draft requires human review before sending. You set the threshold.

DATA-RESIDENT

AI processing stays inside the Salesforce perimeter. No exfiltration.

PERMISSION-AWARE

AI inherits the same access controls as the human user it acts on behalf of.

MODEL-PORTABLE

Salesforce Einstein and Anthropic Claude today. Other models tomorrow. The institutional layer does not change.

The documentation your procurement
team is about to ask for.

DATA RESIDENCY

Data residency commitment.

Separate primary and disaster-recovery regions. The contractual data residency commitment available for procurement review.

SECURITY OVERVIEW

Security & trust pack.

Inherited Salesforce certifications, Thynk security policies, encryption posture, key management.

DPA

Data Processing Agreement.

Thynk DPA – the contractual basis for processing aligned with GDPR and other regional privacy laws, on behalf of venue operators.

Need to brief procurement?

A 45-minute discovery call with the team. We’ll start with your security, data residency and procurement requirements, and map how Thynk meets them. We can share the security and trust pack and DPA ahead of your review.

Operate hotels too? See the Thynk hotels platform →