> For the complete documentation index, see [llms.txt](https://docs.crxtoken.xyz/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.crxtoken.xyz/page-4.system-architecture/4.6-security-privacy-and-access-control.md). # 4.6 Security, Privacy, and Access Control Security and privacy are not treated as separate “modules” but as properties that must hold across the entire architecture. All data in transit is encrypted using industry-standard protocols, and sensitive fields are encrypted at rest with keys managed through a dedicated key management system. Access to data and model outputs is governed by strict role- and scope-based controls, ensuring that internal services and, where applicable, team members only see what they need to operate or support the system. Privacy principles are enforced at the design level. Credit Express avoids building persistent, exhaustive raw logs of user activity. Instead, it focuses on derived features and summary statistics sufficient to deliver insights. When models are improved using historical behavior, training workflows operate on anonymized or pseudonymized data where possible, and are structured to avoid reconstructing individual identities from the training set. Access logs and internal operations are auditable. This creates accountability for any back-office interaction with user-related data and supports compliance with regulatory frameworks that may apply as the platform scales across jurisdictions. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.crxtoken.xyz/page-4.system-architecture/4.6-security-privacy-and-access-control.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.