Security & Privacy
- Home
- Security
Privacy First
Your Data Stays Yours
No Data Training
Your conversations, files, and generated content are never used to train AI models. What you create is yours alone.
Self-Hosted Analytics
We run our own analytics. No Google Analytics, no Facebook Pixel, no third-party trackers watching your every move.
No Data Selling
We don't sell your data. Period. Our business model is simple: you pay us for a service, not the other way around.
Account Security
Protected Access
Multi-Factor Authentication
TOTP-based MFA with authenticator app support. Recovery codes included. Your account, double-locked.
Encrypted Storage
API keys encrypted at rest with libsodium. Passwords hashed with bcrypt. Your secrets stay secret.
Account Lockout
Automatic lockout after failed login attempts. Brute force protection built in. Bad actors get blocked.
Session Invalidation
Change your password? All sessions invalidated instantly. Lost a device? One click logs out everywhere.
API Key Security
256-bit cryptographically secure keys. Only hashes stored. Rotate anytime. Full control in your hands.
CSRF Protection
Every state-changing request validated. Cross-site attacks blocked. Security headers enabled by default.
Compliance
Global Standards
Infrastructure
Built Secure
Nordic Servers
Infrastructure in Iceland and Finland. Strong privacy laws. Powered by geothermal and hydroelectric energy.
TLS Everywhere
All connections encrypted in transit. HTTPS enforced. No exceptions. Your data travels safely.
Isolated Processing
Your workloads don't mix with others. Dedicated processing. Clean separation between tenants.
Questions?
We're Happy to Talk Security
Have specific security requirements or compliance questions? Reach out.
Contact Us