Tenant Isolation & Data-Firewall Attestation
Effective 17 June 2026
The question we are answering: “If Nelkins Technologies also runs the Nelkins Propertiesagency, can a competitor — or the agency itself — see my leads, listings, contracts, and commissions?”
The answer is no, and below is exactly how that is enforced technically and contractually.
Corporate separation
Broker OS is operated by Nelkins Technologies FZ-LLC, a distinct entity from the Nelkins Properties brokerage. The Nelkins Properties agency is a customer of the platform on the same terms as any other tenant — it holds no special access.
Technical isolation
- Tenant-scoped authorization and row-level security (RLS). Access is enforced both in application authorization and by PostgreSQL row-level security policies, so a query executed in one tenant's context is constrained to that tenant's rows at the database layer — not by application code alone.
- Least-privilege database roles. Application and staff database roles are granted only the access required to operate the service and are not provisioned to read across tenants.
- No agency back-door. No Nelkins Properties staff principal holds any credential that can read tenant operational data.
- No shared model training. Atlas, our AI engine, operates strictly on your own tenant data. We never train shared or cross-customer models on your data.
- Encryption. Data is encrypted in transit and at rest; see Security.
Break-glass access
In rare support or incident situations, a small number of authorised Nelkins Technologies engineers may need temporary access to diagnose a problem. When this happens it is:
- time-boxed and individually authenticated;
- recorded in an append-only audit trail;
- limited to the minimum scope needed; and
- subject to tenant notification.
This access is never available to agency staff.
Your controls
- Export your data at any time in a machine-readable format.
- Delete your account and have tenant data removed.
- Request a DPA that contractually binds the commitments above — see Compliance.
Attestation
Nelkins Technologies attests that the controls described above are in force. This attestation is reviewed at least quarterly and on any material change. It is backed by an internal Data-Firewall Policy and a break-glass access runbook, against which we run a quarterly access review. Questions: security@nelkins-os.xyz.