Protected merchant workspace
Public marketing pages stay separate from authenticated merchant workspace routes so review traffic and signed-in activity do not share the same boundary.
Security
Security and data handling built around staged trust.
MarginPilot is built to separate public review from protected merchant access, keep activation gated by real readiness state, and make the commercial boundary easier to inspect before rollout.
This page describes the current public posture. It intentionally avoids claiming formal certifications or autonomous capabilities that are not yet published and reviewable.
Controls
What MarginPilot is designed to protect
Explicit auth and activation gates
Merchant readiness is treated as staged state, not a vague connected label. Provider authorization and billing proof must both exist before production trust is granted.
Billing handled on a dedicated surface
Checkout and subscription management are routed through Paddle so recurring billing and payment handling are not improvised inside the product workspace.
Human review and auditability
Recommendation support does not remove operator control. Teams can keep manual review, and product state changes are designed to remain inspectable.
Cloudflare-hosted application boundary
MarginPilot runs as a Cloudflare-deployed web application with an explicit split between public pages, protected workspace routes, and external billing.
Monitored support path
Security, billing, or privacy questions route to a real monitored support inbox instead of an unstaffed portal.
Summary table
Current public review points
| Access boundary | Public marketing pages are separated from the signed-in merchant workspace. |
|---|---|
| Merchant activation | Production-grade activation is gated on provider authorization plus billing proof. |
| Billing surface | Checkout and subscription handling run through Paddle on a dedicated external billing surface. |
| Operational control | Human review and override remain available; MarginPilot does not require blind black-box actioning. |
| Public review path | Security, billing, privacy, refund, terms, FAQ, and trust-center pages stay available for pre-purchase review. |
What this page does not claim
- This page does not claim SOC 2, ISO 27001, or any other certification unless MarginPilot actually publishes that claim later.
- This page does not promise fully autonomous provider submission or guaranteed financial outcomes.
- Provider-specific live access still depends on completed authorization and production-ready merchant connection proof.
- Buyers who need deeper review can combine this page with the public Privacy Policy, Terms of Service, Billing Transparency, and Contact pages.