Security & Compliance

Enterprise-grade security certifications and compliance built into every deployment. Your data stays yours.

Request Security Briefing

Certifications & Standards

SOC2 Type II

Independent audit of security controls over time, covering security, availability, processing integrity, confidentiality, and privacy.

  • • Annual third-party audits
  • • Continuous monitoring
  • • Evidence portal access
HIPAA

Full compliance with Health Insurance Portability and Accountability Act for protected health information (PHI).

  • • Business Associate Agreements
  • • PHI encryption at rest and in transit
  • • Audit logging and access controls
GDPR

General Data Protection Regulation compliance for EU data protection and privacy requirements.

  • • Data Processing Agreements
  • • Right to erasure support
  • • Data residency controls

Data Handling & Privacy

No Training on Customer Data

Your data is never used to train or improve our models. All customer data is isolated and used only for your specific requests.

  • • Zero data retention by default
  • • Configurable retention windows
  • • Automatic data deletion
Encryption & Key Management

End-to-end encryption with customer-managed keys. All data encrypted in transit and at rest.

  • • TLS 1.3 for data in transit
  • • AES-256 for data at rest
  • • Bring Your Own Key (BYOK) support
Access Controls & Audit Logs

Comprehensive audit logging and role-based access control for all operations.

  • • RBAC with custom roles
  • • Complete audit trail
  • • SIEM integration support
Data Residency & Sovereignty

Choose where your data is processed and stored to meet regulatory requirements.

  • • Regional deployment options
  • • Data localization controls
  • • Cross-border transfer safeguards

Secure Deployment Options

SaaS API

Fully managed cloud deployment with enterprise security controls.

  • • IP allowlisting
  • • SSO/SAML integration
  • • DDoS protection
  • • 99.9% uptime SLA
Private VPC

Dedicated deployment in your cloud environment with full network control.

  • • VPC peering
  • • Private endpoints
  • • Custom security groups
  • • Dedicated compute
On-Premises

Air-gapped deployment for maximum security and compliance.

  • • Complete data isolation
  • • No internet connectivity required
  • • Custom hardware support
  • • White-glove deployment

Identity & Access Management

Enterprise-grade authentication and authorization with support for SSO, SAML, and SCIM provisioning.

API key authentication with rotation policies

OAuth2 and SAML SSO integration

SCIM 2.0 for automated user provisioning

Multi-factor authentication (MFA) support

Supported Identity Providers

• Okta
• Azure AD
• Google Workspace
• OneLogin
• Auth0
• Custom SAML

Have Security Questions?

Our security team is ready to discuss your specific requirements and compliance needs.

Request Security BriefingDownload Security Docs