TrustTrust Safety
Trust And Safety Overview
Trust and Safety is a product boundary capability for Prox OS. It is not a late-stage paperwork layer. It shapes which surfaces can become public, which ones re
Trust and Safety is a product boundary capability for Prox OS. It is not a late-stage paperwork layer. It shapes which surfaces can become public, which ones remain private, and what operational readiness is required before Prox Cloud hosts user content at scale.
This guidance is product and operations guidance. It is not a formal compliance determination.
Product Posture
- Prox OS is private-first in early stages.
- Self-hosting should remain clear and operator-owned.
- Prox Cloud should launch in stages, starting with private and invite-only hosted workspaces.
- Public user-generated content is not enabled by default.
- Public Spaces, public profiles, comments, recommendations, and open app submission require launch gates before production rollout.
- AI agents, connectors, and future workflow execution require explicit scopes, human confirmation for sensitive actions, revocation paths, cost limits, and audit logs before they become production capabilities.
Data Sovereignty Posture
The trust story is not only moderation. It is also user agency:
| Promise direction | Trust implication |
|---|---|
| Own your data | Do not hide user-owned Space, source, connector, or app data behind unclear platform custody. |
| Export your data | Future hosted features need export paths before they become durable systems of record. |
| Delete your data | Privacy request handling and deletion workflows must be defined before broad hosted scale. |
| Audit your agents | Agent reads, writes, tool calls, costs, and approval decisions should become visible events. |
| Move your apps | App manifests, BYO GitHub, BYO deployment, and portable interfaces reduce platform lock-in. |
See EU GDPR Baseline for the privacy-by-design and European data sovereignty baseline.
What This Area Owns
- Product boundaries for public and private surfaces.
- Abuse reporting and takedown readiness.
- Self-hosting and hosted-content responsibility boundaries.
- Region profile notes for global availability and CN Lite constraints.
- Public UGC launch gates.
- Trust Center user-facing messaging.