What I'm interested in is how you plan to protect the users' private keys (even from employees of your company)?
Nobody has access to the private keys, they are created by the chips inside Tangem Notes. You can't import or export these keys. You can't get them out in a lab, because the chip is an EAL6+ secure element. You can't hack the firmware — it's based on EAL6+ cryptographic libraries, has minimal attack surface and 100% audited both internally and by one of the best independent security groups.
Of course there's a limit to security and reverse–engineering labs in China get upgraded — we have a dynamic roadmap to improve security in anticipation of more sophisticated attacks and attack vectors.