Trust & security at Skoll

What does "SOC 2-aligned" mean, exactly?

We want to be precise, because the phrasing matters. "SOC 2-aligned" means we operate according to the controls the SOC 2 framework defines, covering security, access management, encryption, logging, and change management. It is a description of how we run, in line with that framework.

It is not the same as holding a completed, independently audited SOC 2 Type II report. We are telling you what is true today rather than implying an attestation we have not described. If your procurement process requires a specific report or questionnaire, email [email protected] and we will give you a straight answer on exactly where we stand.

How is my data isolated?

Your data is isolated per workspace. Each customer's data lives within its own workspace boundary rather than being pooled into a shared environment, and it is never used to train shared models. What happens in your workspace stays scoped to your workspace.

Data is encrypted both in transit and at rest. The combination, per-workspace isolation plus encryption, is what keeps one customer's GTM data from being visible to, or learned from by, another.

What can Skoll actually access?

Only the systems you explicitly connect. Skoll authenticates to your CRM, outreach tools, and data sources using scoped credentials, the minimum access needed to do the job, and you can revoke those credentials at any time. If you disconnect a tool, Skoll's access to it ends.

Your CRM remains the source of truth. Skoll reads from it and writes back to it as part of running the motion, but nothing leaves your perimeter without your approval.

Is every agent action auditable?

Yes. Skoll keeps a full audit log of every action its agents take, so you can see what was done, to which records, and when. Because the work is performed by named, specialized agents, Midas, Argus, Hermes, Athena, and Icarus, the log attributes each action to the agent and the plan step that triggered it, rather than presenting an opaque automation.

Who is behind Skoll?

Skoll is built by Launchyfi LTD, a UK-registered company (company number 16422928), trading as Skoll. The platform was created by a founding team that ran go-to-market as an agency for B2B SaaS companies in the $500K–$10M ARR range before turning that operating experience into a product. For questions about data handling, security, or vendor due diligence, contact [email protected].

Frequently asked questions

Is Skoll SOC 2 certified?

Skoll follows SOC 2-aligned practices: the controls and processes the SOC 2 framework describes, applied across access, encryption, logging, and change management. That is a description of how we operate, not a claim to hold a completed SOC 2 Type II report. If you need to see a specific attestation or are running formal vendor due diligence, contact [email protected] and we will tell you exactly where we are.

Is my data isolated from other customers?

Yes. Your data is isolated per workspace. Skoll does not pool customer data into a shared environment, and your data is never used to train shared models. Each workspace operates against only the systems and credentials its owner has connected.

What systems can Skoll access, and can I revoke it?

Skoll only accesses the systems you explicitly connect, using scoped credentials you can revoke at any time. It does not reach into anything you have not authorized. When you disconnect a tool or revoke a credential, Skoll loses access to it.

Does Skoll change my CRM data?

Your CRM stays the source of truth. Skoll reads from it and writes to it as part of running the motion, but nothing leaves your perimeter without your approval, and every action the agents take is recorded in an audit log you can review.

Can I delete my data?

Yes. We support data deletion on request. Contact [email protected] to request deletion or to ask any question about how a specific piece of data is handled.