Your data security is our top priority. We combine encryption, compliance, and cloud isolation to ensure your documents stay private and protected.
All documents are encrypted in transit using TLS 1.3 and at rest with AES‑256. This ensures that your data cannot be intercepted or read by unauthorized parties.
Each customer’s data is stored in separate corpora with strict multi‑tenant isolation. Your company’s knowledge base is logically and cryptographically isolated from others.
We enforce role‑based access control (RBAC) with support for SSO and SAML. Admins can manage roles, audit logs, and enforce least‑privilege access.
Phyxius is built on Google Cloud and aligns with SOC 2, GDPR, and HIPAA best practices. We are actively pursuing SOC 2 Type II certification and publish regular updates on our roadmap.
Your documents are never used to train third‑party or external AI models. Our retrieval‑augmented generation (RAG) approach ensures responses are grounded only in your content.
We continuously monitor our infrastructure for unusual activity and run automated checks to ensure compliance with our security baselines.
Independent auditors evaluate our controls annually as part of our SOC 2 Type II certification process. We share reports with customers upon request.
Our engineers follow secure coding practices and undergo annual security training. All code changes are reviewed and tested before deployment.
Our team is happy to walk you through our controls and share more about our compliance roadmap.
Contact Us