Viti operates inside sensitive company systems through governed access — a dedicated user identity, scoped permissions, client-controlled deployment, model flexibility, and auditable actions. The security model exists so that founders can run an AI Chief of Staff without surrendering control of company data.
An AI operating layer that reads chat, CRM, email, project tools, and decision records touches surfaces that most software never reaches. That access is the source of its value — and the reason the security model must be explicit, not implied.
Most AI tools operate on content the user selects — a document, a conversation, a prompt. An AI Chief of Staff works differently. It reads execution signals across multiple systems to detect drift, push follow-up, route judgment, and escalate unresolved issues.
That means Viti may touch:
The depth of access is what makes the operating layer effective. It is also what makes the governance model non-optional.
The system acts through a dedicated user ID — not a background process with invisible access, and not a personal assistant attached to the founder's account.
The dedicated identity means:
It should be treated like a governed operating user — one that follows explicit rules, logs every action, and never exceeds its granted scope.
The system does not request blanket access. Permissions are scoped to the function and the loop being installed.
A pilot starting with one sales loop might require:
CRM pipeline and deal records, relevant Slack channels
Limited to nudge messages and follow-up prompts
Surface unresolved issues in the Founder Attention Brief
Record actions and decisions in the audit trail
Start narrow. Expand only after proof. Each permission tier can be granted, limited, or revoked independently.
The operating memory — the structured model of the company's priorities, rules, decisions, precedents, and commitments — can stay in the client-controlled environment where supported.
It reads from and acts in the tools the team already uses. It does not centralize data into a new silo.
The company's priorities, rules, and decision history are not shared across clients.
It connects systems — it does not replace them or copy their data into a new location.
Your operating brain stays under your control.
The model is the reasoning engine, not the operating brain. Operating memory, rules, permissions, and logs carry more weight than the model alone.
Viti requires one reasoning model. By default, it uses DeepSeek's reasoning model. Customers choose which model to run based on their compliance, data residency, and deployment requirements — including deploying an open-source model locally and using only that.
The model is a socket, not the brain.
Every action produces a record. The audit trail is not a log buried in a settings panel. It is the operating proof that the system did what it was supposed to do — and nothing more.
The system does not arrive pre-configured with assumptions about how the company runs. The setup phase exists specifically to calibrate the operating layer against the company's actual patterns.
During the pilot:
Expansion follows proof. One function, one set of loops, one set of evidence. If the first function does not produce value, the second one does not start.
Read access to the tools where execution happens — the channels, records, and documents relevant to the function being monitored. It does not need access to every system in the company. Scope is determined by the loop being installed.
Yes. Viti operates through a dedicated user identity. Revoking access is the same as removing any user from a tool — one action, immediate, and verifiable.
No. Customer data is used to build and maintain that customer's operating memory. It is not used to train shared models or improve service for other clients.
Yes. Customers choose which reasoning model Viti runs on. The default is DeepSeek's reasoning model. Customers who require local deployment can run an open-source model on their own infrastructure. Swapping the model does not affect operating memory, rules, or audit history.
In read-only mode, Viti can detect signals and surface them in the Founder Attention Brief without taking action in the source tools. Write access enables nudges, follow-ups, and in-tool interventions — but it is not required to start.
Every action produces a timestamped audit record: what signal triggered it, what source it came from, what action was taken, who was contacted, and what the outcome was. The trail is available to the founder and to the company's IT or security team.
Start with one function. Every permission is scoped, every action is logged, and every rule is defined with you — not imposed.
Scope your first function