Private by default
One login opens role-based workspaces. Organization records, member schedules, artist engagements, agency work, and documents stay scoped to the people assigned to them.
Trust Center
Designed for procurement readiness.
Kalinklo is where classical music organizations run the week and manage the engagement. Trust starts with the product shape: private workspaces, least-privilege access, rights-aware materials, and a record of every important action.
Trust boundary
One identity. Role-based dashboards. Permissioned records.
There is no separate orchestra login, artist login, or agency login. The same account can be a member, substitute, librarian, personnel manager, artist, agent, presenter, and admin, with each workspace revealing only the records that role can safely use.
Assignment-based access
Members and substitutes see the productions, services, announcements, and documents tied to their assignment. Substitute access can expire after the final service.
Rights-aware materials
Library Desk tracks rights status, approval state, expiry, acknowledgement, version, and access events before protected materials are opened.
Auditable operations
Requests, holds, quotes, contracts, invoices, settlements, document opens, acknowledgements, and admin actions leave an attributable trail.
Procurement packet
Clear answers before a buyer has to ask.
Kalinklo does not claim SOC 2 or ISO 27001 certification today. The public packet states current controls, current subprocessors, current retention posture, and the roadmap honestly.
Security practiceDetailed model for tenant boundaries, gated documents, MFA, rate limits, CSP, responsible disclosure, and current compliance roadmap.PrivacyData ownership, processor posture, retention expectations, and the boundaries around private workspace data.TermsThe public legal terms for using Kalinklo and the operational boundaries for the platform.DPA templateDownloadable data-processing template for procurement review.Trust packetDownloadable procurement packet covering controls, retention, subprocessors, and current status.
Access model
Built around what each role is allowed to know.
- No permanent public links for protected music materials.
- Cross-workspace detail probes collapse safely instead of revealing whether a record exists.
- Agency commission details stay inside the agency workspace unless explicitly shared.
- Member portals do not expose contracts, invoices, agency commissions, or internal personnel notes.
- AI features are drafts and summaries only; external commitments require human approval.
Need the packet?
Security review should not start from a sales deck.
Start with the security page, DPA template, and trust packet. For vendor questionnaires or institution-specific procurement review, contact security@kalinklo.com.