Mako
Mako Sovereignty

The most private AI in the dealership category.

Public dashboard. Live counters. Real audits. We don't need to be SOC 2 compliant on customer data because we have no customer data to protect.

customer data detected at Mako Central
1,000
All-time since launch
Conversations processed today
0
Across 12 verticals
Customer records stored
1,000
At Mako Central
Last verified: just now · Audit method: independent automated sampling · See methodology below
The empty scope

What Mako Central never sees, stores, or touches in the clear.

Never received in the clear

  • Customer names
  • Customer phone numbers
  • Customer email addresses
  • Customer physical addresses
  • Plaintext message bodies — every conversation is redacted and tokenized at the MakoNode first
  • Financial details (SSN, credit score, income)
  • Trade-in VINs or license plate numbers
  • Driver's license numbers
  • Date of birth
  • Family member names

Never stored

  • The above (because we never received it in plaintext)
  • Plaintext conversation transcripts — we only retain tokenized, anonymized text
  • Customer profiles
  • Lead records
  • Activity history tied to a real person
  • Any personally identifiable information whatsoever

Our SOC 2 scope on customer data is empty. There's nothing to audit because there's nothing there.

The honest scope

What we do hold, and why none of it is yours.

Tenant configuration

Your billing information, contracts, business contact details. This is our customer data — about your dealership as our customer — not about your customers. SOC 2 Type II report on this scope expected by 2027.

Pseudonymous tokens

[NAME:1], [PHONE:1], [LOCATION] — placeholder labels that mean nothing without the local vault on your MakoNode. The token vault is on your hardware. We can't reverse-engineer the tokens.

Outcome metadata

Booked. Sold. Lost. No-response. With anonymized facts about what worked: subprime trade-in customers with $30K budgets and Honda Civics close 40% better with finance specialist taking the lead. Patterns, not people.

Cole's Notes

Compressed, anonymized facts about each conversation: vehicle of interest, budget range, credit profile, intent. No names. No phones. No transcripts. Just enough for the AI to maintain context across turns.

Methodology

How we keep the counter at zero.

  1. 1
    Every message gets two local checks. Semantic scrub + deterministic redaction. Both must clear or the message is held for review.
  2. 2
    Mako Central runs a third backstop check. If customer data somehow reached our cloud, we reject the request and alert engineering.
  3. 3
    A weekly automated audit samples ~50 random conversations. Verifies tokenization integrity. Findings published below.
  4. 4
    Every audit failure (when they happen) is logged here transparently. Counter resets, root cause published, fix documented.

Recent audits

DateSampledcustomer data leakageNotes
2026-05-17500Routine audit
2026-05-10500Routine audit
2026-05-03500Routine audit
2026-04-26500Routine audit
2026-04-19500Routine audit
2026-04-12500Routine audit
2026-04-05500Routine audit
2026-03-29500Routine audit
2026-03-22500Routine audit
2026-03-15500Routine audit

Watch the architecture work.

Our live conversation feed shows every Mako interaction in real time — tokenized, anonymized, and safe to display publicly.

Open live.gotmako.ai →

Read the architecture spec.

Detailed walkthrough of the appliance, the customer data firewall, the two-layer scrub, and the stock-number disambiguation pattern.

Read /architecture →