Privacy Policy
Data Isolation Standards
Your privacy is our primary operating contract. We enforce complete logical and physical isolation of client workloads. Data ingested from client environments is segregated using distinct cryptographic keys.
No diagnostic logs, telemetry packets, or database records are ever shared across clients or used for public model training.
Local-First Model Prioritization
Our platform defaults to local-first processing. All sensitive inputs—including credentials, environment configuration, database schemas, and proprietary code—are handled strictly on local nodes.
Only non-sensitive, aggregated, or anonymized performance metrics are permitted to route to external APIs, subject to real-time compliance filters.
Secure Credential and Secret Management
Credentials, API keys, and connection tokens are injected at runtime using Doppler secret management. They are never committed to repositories or written to persistent disk files in clear text.
Automated rotations are performed regularly. Any rotation event triggers a cryptographic audit log visible only to the company administrator.
GDPR & EU AI Act Compliance
We align our multi-provider routing and local execution boundaries with the highest global compliance standards. In particular, we enforce European Data Protection Board (EDPB) principles on AI models, guaranteeing data subject rights and preventing untraceable processing.