data protection
UK GDPR · EU GDPR
DPA available pre-contract.
in placeAIR is architected for enterprise security and compliance from the ground up — not bolted on after the fact. Every piece of infrastructure, every data path, every model call is designed to pass the scrutiny your CISO, DPO, and procurement team will bring.
Specific architectural commitments — the kind that survive scrutiny because they’re written into the build, not the policy.
Every customer's data lives in a dedicated PostgreSQL schema and a dedicated Kubernetes namespace. A bug in our application layer cannot leak data across tenants because the data isn't in the same place to begin with.
NetworkPolicy rules in the cluster prevent pods in one tenant's namespace from making egress requests into another's, even via local DNS.
Every outbound LLM request passes through AIR's proxy service. The proxy runs deterministic detectors for PII (emails, phones, names, IDs, structured identifiers) and replaces them with placeholders before the message leaves your infrastructure boundary.
Models see "<EMAIL_1>" and "<PERSON_3>" where you wrote real values. Responses are re-hydrated on the way back. The provider never sees the original.
Each interaction with your data — whether by a bot, a human, or our own engineers under break-glass — produces an immutable log entry. Logs are tenant-scoped, signed, and exportable in the formats your auditor expects.
Conversation history is retained for the duration of your engagement plus 90 days, then purged. Configurable per tenant.
Engineering access to production is just-in-time, MFA-enforced, and audited. Break-glass workflows require a second signer. No engineer has standing access to customer data.
Internal IAM is rebuilt regularly from declarative source; there is no long-lived ACL drift.
End to end, in five hops. The PII redaction step is the load-bearing one — it’s the difference between “we trust the LLM provider” and “we don’t have to”.
The controls a procurement team will ask about, with an honest read on each one’s current status.
All ingress and inter-service communication encrypted. HSTS enabled. No plaintext anywhere.
RDS, S3, and EBS volumes encrypted with AWS KMS. Keys rotated annually. Per-tenant key isolation on the roadmap for Q4.
Customer access via Microsoft Entra ID. MFA enforced on the tenant. Internal access via Okta + WebAuthn.
RDS point-in-time recovery (35 days). Daily snapshot, retained 30 days. Cross-region replication on the roadmap.
Dependency scanning on every build. Container image scanning. Quarterly external penetration test.
24/7 on-call rotation. Documented runbooks. Customer notification within 72 hours for any incident affecting your data.
eu-west-2 (London) as the default region. eu-west-1 (Dublin) failover. Multi-region selection for enterprise customers.
On contract end, all customer data is purged within 30 days. Export available before purge. Audit logs retained per regulatory minimum.
Contracts with every LLM provider explicitly forbid use of your data for training. We do not train models ourselves.
A short, deliberately curated list. Each provider has a signed DPA with Glowar Ltd and contractual restrictions on data use.
| Provider | Purpose | Region | Data shared |
|---|---|---|---|
| Amazon Web Services | Cloud infrastructure (EKS, RDS, ElastiCache, S3) | eu-west-2 / eu-west-1 | All platform data, encrypted |
| Anthropic | Claude family models | EU / US | Redacted message text only |
| OpenAI | GPT-4o family models | EU (via Azure OpenAI) | Redacted message text only |
| Google Cloud | Gemini family models | EU | Redacted message text only |
| AWS Bedrock | Multi-model gateway (Anthropic, Cohere, etc.) | eu-west-2 | Redacted message text only |
| Microsoft | M365 identity, Teams, Graph API | Customer tenant region | Identity + Teams content per your config |
| Okta | Internal SSO for Glowar engineers | EU | Internal user data only |
| Datadog | Operational monitoring & logging | EU | System metrics + audit logs (no PII) |
| HubSpot | CRM for marketing-site form submissions & opt-in website analytics | US (SCCs in place) | Contact details from the apply / register-interest forms; opt-in website analytics |
a current signed list of sub-processors is available on request from [email protected]
The eight questions we hear most in security reviews. If yours isn’t here, email [email protected].
By default, in AWS eu-west-2 (London) with multi-AZ replication. Failover region is eu-west-1 (Dublin). For enterprise customers we offer region pinning to other AWS regions where AIR is deployed.
Data never leaves the contracted region except for: (a) the redacted text sent to LLM providers, which is governed by separate region commitments per provider, and (b) operational metadata sent to monitoring (no PII, no message content).
No. We do not train models ourselves. Every LLM provider in our supply chain has a contract with Glowar Ltd that explicitly forbids the use of your data for training their models. This is reflected in our DPA and in the providers’ own enterprise terms.
Every outbound LLM request passes through our redaction proxy. The proxy identifies and replaces PII (emails, phones, names, IDs, free-text identifiers, structured identifiers) with placeholders before the message leaves your tenant boundary.
The LLM provider receives only redacted text. The response is re-hydrated on the way back. The original PII is stored in your tenant’s vault, encrypted with tenant-isolated keys.
On contract end, all customer data is purged from our systems within 30 days. Before purge, you can request a full export of conversation history, audit logs, and configuration in machine-readable form.
Audit logs required for our regulatory obligations are retained for the legally mandated minimum and then deleted.
Not yet. The technical controls aligned with SOC 2 Type II are in place, with the formal audit scheduled for 2026. ISO/IEC 27001 alignment work is underway, with certification scheduled for 2027.
In the meantime we provide a detailed security pack covering each Trust Service Criteria mapping, available on request from [email protected].
We have a documented incident response process and 24/7 on-call rotation. Customers affected by an incident impacting their data will be notified within 72 hours of confirmation.
Notification includes scope, root cause analysis, immediate mitigations, and remediation timeline. We will not disclose your incident to other customers without your consent.
Yes. We support customer-conducted penetration tests against a dedicated staging environment, subject to a Rules of Engagement document and 14 days’ notice. Testing on production tenants is not permitted as it creates risk for other customers.
No Glowar engineer has standing access to customer data. Production access is granted just-in-time through a break-glass workflow that requires a second signer and produces an audit-log entry visible to you.
The number of engineers ever to have used break-glass on a customer tenant is reported in your quarterly security review.