Security

Built for trust.
Proven by design.

Defense-in-depth architecture protects every request, every response, and every piece of your data — from edge to storage.

SOC 2 Type IIGDPR CompliantSelf-HostableAir-Gappable

Defense in depth.

Edge protection

DDoS protection, rate limiting, and filtering before requests reach our systems.

Input safety

Every input classified and sanitized. Prompt injection prevention built in.

Fine-grained access

Role-based access control verified on every single API call.

Total isolation

Your data is architecturally isolated. Cross-user access is impossible.

Sandboxed tools

All computational verification runs in isolated containers.

Audit trails

Immutable, tamper-evident logs of every interaction.

Your data. Your rules.

Encryption everywhere

TLS 1.3 in transit. AES-256 at rest. Zero plaintext storage.

Complete data portability

Export all your data in standard formats at any time.

Right to deletion

Full deletion within 30 days across all storage systems.

We never train on your data

Your conversations are never used to train or improve our models.

Self-hosted control

Enterprise plan: deploy on your own infrastructure.

Security you can verify.

Contact security team Privacy policy