CV CategoryVantage TV category decision desk Book fit review

Security

Security should keep the first sales conversation simple.

CategoryVantage can start from public links and a real TV category problem. Private data, integrations, and enterprise controls come later only when they help close a sharper paid decision.

Public links first Authenticated business mail Scoped controls when private data is needed
Public surface

Controlled public site and business contact path.

The public site presents CategoryVantage, routes security and commercial contact, and keeps customer-data workflows separate from the marketing surface.

Access

Least-privilege operations.

Access is limited to the people and services needed to operate the domain, site, mailbox, and demos. Credentials, admin access, and operational notes stay separated from public conversation.

Data

Controlled data intake.

Public conversations start from the minimum information needed to evaluate fit. Private customer-data programs use separate scope, purpose, access, retention, and review controls.

Operating controls

Security controls match the data surface.

Public site delivery HTTPS, managed DNS, minimal scripts, and controlled public assets keep the site surface clear.
Email reliability MX, SPF, DKIM, DMARC, and mailbox monitoring support reliable business communication.
Operating records Separate raw inputs, review evidence, decision records, and customer-facing outputs so mistakes do not silently propagate.
Incident handling Security reports, suspected mailbox issues, DNS changes, and exposure concerns are routed for review.
Transport

Encrypted delivery by default.

The public site is served over HTTPS. Mail and DNS are configured through managed providers, with sender authentication records used to reduce spoofing and delivery risk.

Secrets

Secrets stay out of customer workflows.

Passwords, API keys, tokens, and admin credentials are not treated as normal demo or support material. If a secret is exposed, it is handled as a rotation issue.

AI boundary

AI support stays inside control boundaries.

AI-generated summaries and classifications support review; they do not replace source evidence, access controls, customer approval, or policy review.

Customer data

Dedicated workspace for sensitive customer data.

CategoryVantage works from public evidence first. Private customer datasets, account strategy, margin, inventory, and tenant data are handled through a scoped workspace with access, retention, audit, and vendor-review expectations.

Enterprise data readiness

Enterprise data runs through a stronger control path.

Formal scope

Define what data is processed, why it is needed, who can access it, where it is stored, and when it is deleted.

Vendor review

Enterprise customers may expect security questionnaires, DPA review, subprocessors, access controls, and evidence of operational safeguards.

Audit trail

Customer-impacting decisions are supported by source evidence, review state, timestamps, and controlled promotion paths.

Report a concern

Security reports are handled directly.

Send security concerns to [email protected]. Please include the affected URL or mailbox, observed behavior, timing, and a safe reproduction summary. Do not include secrets, private customer data, or destructive proof.