Tiro Motlhofo is designed so that compliance with Botswana's Data Protection Act 2024 is a property of the platform, not a checklist your team has to remember.
Row-level security is enforced at the database, not just the app. A tenant can never read or write another tenant's rows — even if application code has a bug.
Omang national IDs, +267 phone numbers, card numbers and emails are stripped from every prompt before it leaves our servers to an AI provider.
Every AI call is recorded with the tool used, the model, token counts and a SHA-256 hash of the prompt — enough to prove processing without storing the plaintext.
A dedicated breach register keeps you audit-ready under DPA s.74. If we detect an incident, it is logged immediately and the IDPC notification window is tracked.
Roles are stored in a separate table checked by a SECURITY DEFINER function. There is no client-side privilege check — the database is the source of truth.
System prompts are server-only and cannot be overridden by user input. Tool identifiers are validated against an allow-list before any model call.
Tenant data is stored in a managed PostgreSQL instance. AI inference is routed via the Lovable AI Gateway to model providers under contract. A current sub-processor list is available to Enterprise customers on request.