);
}
// ── Verticals dropdown ────────────────────────────────────────────
function LegalVerticalsDropdown({ onPhoto }) {
const [open, setOpen] = useState(false);
const ref = useRef(null);
const closeTimer = useRef(null);
const hoverOpen = () => { clearTimeout(closeTimer.current); setOpen(true); };
const hoverClose = () => { closeTimer.current = setTimeout(() => setOpen(false), 120); };
useEffect(() => {
const close = e => { if (ref.current && !ref.current.contains(e.target)) setOpen(false); };
document.addEventListener('mousedown', close);
return () => document.removeEventListener('mousedown', close);
}, []);
const items = [
{ label: 'Carriers', sub: 'Asset-based · LTL · TL', href: '/' },
{ label: 'Oracle ERP', sub: 'Fusion · NetSuite · JD Edwards', href: '/erp' },
{ label: 'Freight & Logistics', sub: 'Brokers · Freight forwarders', href: '/freight' },
{ label: 'Regenerative Health', sub: 'Clinics · Wellness · Aesthetics', href: '/health' },
];
const linkColor = onPhoto ? 'rgba(244,240,232,0.72)' : 'var(--muted)';
const linkHover = onPhoto ? '#F4F0E8' : 'var(--ink)';
return (
Effective May 17, 2026 · Elite Capital Inc. · Toronto, Ontario
Echo runs inside your Microsoft Azure tenant. Customer data stays in your tenant. This page describes the controls behind that statement.
Echo agents run inside your Microsoft Azure tenant or an equivalent buyer-approved environment. Echo's service does not host your data.
Your source systems stay inside your boundary: Outlook shared inboxes, Microsoft Teams, Trimble TruckMate, your EHR, your ERP. Echo reads and writes through APIs you grant scopes to.
The Echo service in your tenant runs three layers:
Customer operational data stays in your tenant, in your region. Microsoft Azure is the runtime. Postgres is co-located with the runtime.
Marketing site form submissions on echoagents.io are processed by Vercel and Formspree in the United States.
Echo Agents has no production database that holds customer operational data outside your tenant.
Each agent requests only the scopes its job requires. Scopes are reviewed and approved by your admin before the agent is deployed and revoked when the agent is paused or removed.
Not every agent runs in every vertical. Triage is universal. Audit is ERP-only. Recover and Quote are Freight-only. Intake is Health-only. The full agent and vertical map lives on each vertical page.
The architecture is the same across verticals. The source systems and the audit record schema vary by industry.
Classification and structured extraction use Claude Sonnet 4.6 from Anthropic, called through the LangGraph orchestrator. Anthropic does not train on customer inputs.
The model produces strict JSON. A validation layer rejects malformed or incomplete outputs before any customer-visible action.
The model does not send emails, create orders, or call APIs directly. All backend actions are performed by deterministic Echo tools with schemas and audit logs.
Draft-first by default. Auto-send stays off until measured accuracy meets your threshold.
Auto-send is gated by feature flags on four dimensions: intent type, customer tier, confidence threshold, and backend result quality.
Human approval gates fire on ambiguous, high-value, incomplete, frustrated, exception, and policy-sensitive cases.
The autonomy level (read-only, suggest, auto-execute, auto-execute with audit) is set per agent and per workflow.
Every inbound message becomes a case record. The audit trail covers:
Your compliance team can query the full audit trail at any time. The decision log posts to your designated Teams audit channel as it happens.
Production access by Echo staff is logged and reviewable by your team on request.
Logs are minimized to drop free-text customer body content where the workflow allows.
Postgres stores case state, extracted fields, audit records, and metrics. It does not store full email bodies or PHI unless your contract explicitly approves longer retention.
Retention is configurable per customer and per data class. Defaults are short. Auditable case records are retained for the audit window your compliance team requests.
Idempotency controls prevent duplicate replies from Microsoft Graph retries. Every action carries an idempotency key.
Reply-in-thread behavior uses Microsoft Graph createReply and reply APIs, preserving the original thread context for the customer.
Dead-letter handling captures failed messages and replays them once the underlying issue is resolved.
Echo Agents operates as a Business Associate for health vertical customers. A signed Business Associate Agreement is in place before any PHI is processed.
For ERP customers operating under SOX, the Audit and Ledger agents are designed to fit existing control frameworks.
SOC 2 Type I achieved (August 2025). Type II in progress. Reports are available under NDA.
HIPAA: Business Associate Agreements are signed before any PHI is processed. Health vertical customers operate under a BAA from day one.
PIPEDA, GDPR, and CCPA obligations are covered in the Privacy Policy.
Vendors that touch customer or prospect data:
Microsoft Azure, Microsoft Graph, and Anthropic touch live customer data. Vercel, Formspree, and Google Workspace only touch marketing data captured through echoagents.io.
If we add or change a sub-processor, we update this page and notify active customers by email.
The following documents are available under NDA. Email security@echoagents.io to request a copy.
Items covered in your contract live there: the Master Services Agreement, the Data Processing Addendum, the Business Associate Agreement for healthcare customers, and the workflow-level scope and retention schedules.
Email security@echoagents.io with a clear description and reproduction steps.
We acknowledge reports within 1 business day and respond with triage within 5 business days.
Please do not run automated scanners against production or attempt to access data that is not yours. Coordinated disclosure only.
Customers impacted by a confirmed security incident are notified within 72 hours of confirmation. This aligns with the GDPR Article 33 timing standard.
The notification covers:
Post-incident, we publish a written root-cause analysis to affected customers and update internal controls.
Annual third-party penetration testing covers the agent runtime, the Teams audit feed, and the customer-facing API surface. Critical and high findings are remediated before the report closes.
The current report is available under NDA. Email security@echoagents.io to request a copy.
If you need to halt automation, the runbook covers three steps:
The runbook is documented in every customer's onboarding and rehearsed before any agent is set to auto-execute.
We update this page when our security posture changes (new controls, new sub-processors, new certifications). Active customers receive an email summary of material changes. Past versions are available on request.