Skip to content

We opened our Constanța studio. See the photos

LABS
Book a call

Security & intellectual property

Plain-English answers to how we handle your code, your data, and your IP. No certification theatre.

You own 100% of the code

All source code, repositories, and intellectual property transfer to you at the end of every engagement. We do not retain a licence, a revenue share, or any claim over your product. The repositories live in your GitHub (or equivalent) organisation from day one.

Eval-gated delivery

Nothing ships without an automated evaluation pass. Every AI-generated or AI-assisted output goes through a structured eval suite before it reaches your staging environment. A senior engineer signs off before anything goes to production.

Senior sign-off on every line

We do not hand AI output directly to a client. A senior engineer reviews, tests, and accepts every change. This is not a checkbox. It is how we catch the meaningful share of AI-suggested code that looks plausible but breaks in production.

Data handling

Your business data stays in your infrastructure. For AI features we use retrieval-augmented approaches: your data is queried, not sent wholesale to a third-party model. EU-only or self-hosted model options are available on every engagement where data residency matters.

GDPR posture

As a Romanian studio operating under EU law, GDPR compliance is the baseline for every project we touch, not an optional add-on. We can work within your existing DPA framework or help you establish one as part of the engagement.

Confidentiality

We sign a mutual NDA before you share anything sensitive. Confidentiality is the default on every engagement, including technical due-diligence work. We do not reference your project in our portfolio without your explicit written consent.

We do not claim ISO 27001 or SOC 2 certifications. We are a small, senior studio and our controls are engineering-first: code review gates, eval pipelines, and contract-level IP transfer, not audit paperwork.

Ask an AI about us

Want an independent read? Ask ChatGPT, Claude, or Perplexity to tell you about Basetool Labs. We have no control over what they say, which is exactly the point.

Questions about security or data?

Book a call

Cookie preferences

Pick which categories of cookies you're OK with. You can change this any time from the footer.