Your data stays yours.
Period.
Enterprise-grade security, complete audit trails, and a guarantee that your business data is never used to train AI models.
Built for security-conscious teams
Every feature designed with enterprise security requirements in mind.
Data Encryption
All data encrypted at rest (AES-256) and in transit (TLS 1.3). Your conversations are protected end-to-end.
No Training Guarantee
Your business data is never used to train AI models. We have contractual agreements with all LLM providers.
Secure Infrastructure
Hosted on AWS with SOC 2 Type II certified data centers. Multi-region redundancy ensures availability.
Access Controls
Role-based access, SSO integration, and granular permissions. Control exactly who can do what.
Audit Logging
Complete audit trails of all AI interactions. Export logs for compliance reviews and investigations.
PII Protection
Automatic detection and optional redaction of sensitive information before it reaches AI models.
The Grengin Data Guarantee
Your business conversations will never be used to train AI models. This isn't just a policy—it's a contractual guarantee with all our LLM providers.
- OpenAI Enterprise API terms prohibit training on your data
- Anthropic Claude API has zero-retention policies
- Open source models run on our infrastructure, not third-party
- We'll sign a Data Processing Agreement (DPA) on request
Certifications & Standards
We meet the security standards your industry requires.
SOC 2 Type II
Annual audit of security controls for data protection, availability, and confidentiality
GDPR
Full compliance with EU data protection regulations, including data processing agreements
HIPAA
Business Associate Agreements available for healthcare organizations
ISO 27001
International standard for information security management systems
Need documentation for your security review?
Request Security PacketCommon security questions
Where is my data stored?
All customer data is stored in AWS data centers in the United States (us-east-1 and us-west-2). Enterprise customers can request specific regional data residency.
How long is data retained?
Conversation history is retained according to your plan (30, 90, or unlimited days). You can delete data at any time, and we purge it from all systems within 30 days of deletion.
Who has access to my data?
Only authorized Grengin employees with a legitimate business need can access customer data, and all access is logged. We never share data with third parties except as required to provide the service (e.g., sending prompts to AI providers).
Is my data used for AI training?
No, never. We have explicit contractual agreements with OpenAI, Anthropic, and other providers that prohibit using customer data for model training. Your business conversations stay private.
What happens if there's a breach?
We have incident response procedures in place and will notify affected customers within 72 hours as required by GDPR. We carry cyber liability insurance and conduct regular penetration testing.
Security architecture
Built on AWS with defense-in-depth security practices. Multiple layers of protection ensure your data stays safe.
- Network Security: VPC isolation, WAF, DDoS protection
- Application Security: Regular penetration testing, dependency scanning
- Data Security: Encryption at rest and in transit, key rotation
- Access Security: Zero-trust architecture, privileged access management
- Monitoring: 24/7 security monitoring, automated threat detection
Ready for a security review?
Our security team is standing by to answer your questions and provide documentation.