Security — 5 Layers of Protection
Your data is protected at every step—from transmission to processing to storage. ISO 27001:2022 certified infrastructure ensures enterprise-grade security.
Security Architecture
Transport Security
TLS 1.3 encryption for all data in transit. HSTS enforced with a 1-year max-age. No unencrypted HTTP connections accepted. Certificate validation on every request.
Processing Security
Isolated processing environment. All NLP models run on our own servers — no data is sent to Meta, Google, or any third-party AI provider. Requests are processed in isolated containers with no cross-user data access. No data is persisted after processing completes.
Authentication
JWT tokens with 15-minute expiry and secure refresh flow. Optional two-factor authentication (2FA) for all accounts. API keys scoped to specific operations. Rate limiting and anomaly detection on all endpoints.
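The HSTS max-age under Transport Security and the 15-minute JWT expiry above are the two settings on this page that a customer can check from the outside. The following Python is an added example, not the provider's code; it assumes the access token is a compact JWS carrying `iat` and `exp` claims, and the sample header values and token are constructed.

```python
import base64
import json

ONE_YEAR = 31536000        # page states an HSTS max-age of 1 year
MAX_TOKEN_LIFETIME = 900   # page states a 15-minute JWT expiry

def hsts_max_age(header_value):
    """Return max-age (seconds) from a Strict-Transport-Security value, or None if invalid."""
    max_age = None
    for directive in header_value.split(";"):
        name, _, value = directive.strip().partition("=")
        if name.strip().lower() != "max-age":
            continue
        if max_age is not None:
            return None  # RFC 6797: a directive must not appear more than once
        value = value.strip().strip('"')
        if not (value.isascii() and value.isdigit()):
            return None
        max_age = int(value)
    return max_age

def hsts_meets_policy(header_value):
    """True only if the header is present, valid, and at least one year long."""
    age = hsts_max_age(header_value) if header_value else None
    return age is not None and age >= ONE_YEAR

def jwt_claims(token):
    """Decode a compact JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def jwt_lifetime_ok(token):
    """True if exp - iat is positive and no longer than 15 minutes (assumes both claims exist)."""
    claims = jwt_claims(token)
    exp, iat = claims.get("exp"), claims.get("iat")
    if not isinstance(exp, (int, float)) or not isinstance(iat, (int, float)):
        return False
    return 0 < exp - iat <= MAX_TOKEN_LIFETIME

def make_sample_token(iat, exp):
    """Build a constructed token with a placeholder signature, for the checks above."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "HS256", "typ": "JWT"}),
                     enc({"sub": "demo", "iat": iat, "exp": exp}), "c2ln"])
```

Run `hsts_meets_policy` on the `Strict-Transport-Security` header of any response and `jwt_lifetime_ok` on a freshly issued access token; a failure of either means the deployed configuration does not match the stated values.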
Infrastructure
ISO 27001:2022 certified data center in Falkenstein, Germany. EU data residency guaranteed — your data never leaves the European Union. Physical security with 24/7 monitoring and redundant power and cooling.
Encryption at Rest
AES-256-GCM encryption for any temporary storage. Encryption keys are rotated regularly and stored in a separate key management service. Zero-knowledge key derivation using Argon2id for password-based encryption.
Certifications & Compliance
- ISO 27001:2022 Certified
- GDPR Compliant
- EU Data Residency
- Regular Security Audits
- Zero-Knowledge Password Architecture — derived keys never stored server-side
- Regular third-party penetration testing