Private AI

Trust & Security Center

Security & compliance you can verify.

PrivateAI is built on a foundation of independently audited controls within our certified AWS organisational environment — giving you enterprise-grade security and compliance without the overhead of managing it yourself.

ISO 27001: Certified Dec 2025
ISO 27701: Certified Dec 2025
GDPR: EU Data Protection
PDPA: ASEAN Aligned
MAS TRM: Singapore Aligned
Essential 8: Australian Aligned
All systems operational — Last reviewed: April 2026
✓  No active incidents
✓  ISO 27001 certified
✓  ISO 27701 certified
✓  MAS TRM aligned
✓  Essential Eight aligned
Compliance & Certifications
Independently verified, always current

Our certifications are maintained through continuous monitoring and monthly internal reviews. ISO 27001 and ISO 27701 were independently certified in December 2025. All documentation is available on request following a short NDA process.

🛡️
ISO 27001
Information Security Management System — independently certified December 2025. The gold standard for enterprise security controls.
Certified Dec 2025
🔒
ISO 27701
Privacy Information Management System — independently certified December 2025. Extends 27001 to cover personal data handling and privacy.
Certified Dec 2025
🇸🇬
MAS TRM
Monetary Authority of Singapore Technology Risk Management Guidelines — our security controls, infrastructure, and governance practices are aligned to MAS TRM requirements.
Aligned
🇦🇺
Essential Eight
Australian Cyber Security Centre’s Essential Eight Maturity Framework — aligned at Maturity Level 2, targeting the controls defined in the ACSC guidance.
Aligned — Targeting ML2
🇪🇺
GDPR
Full alignment with EU General Data Protection Regulation across data collection, processing, and retention.
Aligned
🌏
PDPA
Personal Data Protection Act compliance for customers operating across ASEAN markets.
Aligned
🏥
HIPAA Readiness
Controls architecture designed to support HIPAA requirements for health data — activated on client request.
Customer-Driven
📋
SOC 2
Security, availability, and confidentiality controls mapped to the SOC 2 Trust Services Criteria.
Controls Mapped
🧭
NIST CSF
Cybersecurity Framework mapping across Identify, Protect, Detect, Respond, and Recover functions.
Controls Mapped
🤖
ISO 23894
AI risk management guidance — applied to our agentic AI deployments and client solution governance.
Guidance Applied
🔭
ISO 42001
AI Management Systems standard — evaluation underway. Timeline driven by customer demand and regulatory developments.
Roadmap
🔧
CIS Benchmarks
Centre for Internet Security hardening benchmarks applied to infrastructure configuration where applicable across our AWS environment.
Aligned
Security Architecture
Defence in depth — from infrastructure to application

PrivateAI runs on our own certified AWS organisational environment with layered security controls at every tier. Your data is hosted within our ISO 27001-certified infrastructure — not a shared public cloud tenancy. No shared tenancy. No shortcuts.

☁️
AWS Cloud Infrastructure
Deployed on dedicated AWS instances across multiple availability zones. Infrastructure-as-code ensures reproducible, auditable environments with no manual drift.
🔐
Encryption at Rest & In Transit
AES-256 encryption at rest for all data stores. TLS 1.3 enforced across all client connections. Keys managed through AWS KMS with rotation policies.
👤
Identity & Access Management
Role-based access control (RBAC) enforced across all systems. MFA required for all administrative access. Principle of least privilege applied throughout.
🕵️
Monitoring & Threat Detection
Continuous log aggregation and anomaly detection via AWS CloudWatch and GuardDuty. Alerts routed to a 24/7 security response channel.
🧪
Vulnerability Management
Automated dependency scanning in all CI/CD pipelines. Periodic third-party penetration testing. Critical patches applied within 24 hours of disclosure.
🚨
Incident Response
Documented IR playbooks aligned to NIST SP 800-61. Affected clients notified within 72 hours of a confirmed incident, per GDPR requirements.
🏢
Network Isolation
Client environments deployed in isolated VPCs. No cross-tenant data access possible by design. Private networking between services with no public exposure.
💾
Backup & Recovery
Automated daily backups with 30-day retention. Cross-region replication for enterprise clients. RTO and RPO targets defined per service tier in client SLAs.
🧑‍💼
Personnel Security
Background checks for all staff with access to production systems. Security awareness training completed annually. Contractors bound by NDA and access-limited by default.
AI & Data Protection
How we govern AI processing of your data

Our AI and LLM processing is governed by privacy-by-design principles. We apply data minimisation, access control, logging and retention controls, and conduct vendor risk reviews before any new AI subprocessor is introduced.

✂️
Data Minimisation & Redaction-First
We apply a redaction-first approach to AI processing — only the minimum data required to answer a query is passed to a model. Sensitive fields are masked or excluded by default unless explicitly scoped.
📋
Controlled Logging & Retention
AI query logs are retained only as long as necessary for audit and debugging purposes, under documented retention controls. Clients can request log retention periods specific to their compliance requirements.
🔍
Vendor & Subprocessor Risk Assessment
Every AI model provider or third-party service that may process client data is assessed before use — covering data handling practices, contractual protections, and certification status. We do not onboard AI vendors without a documented risk review.
📝
Honest Claims, Not Marketing Language
We do not publish blanket “zero retention”, “no training”, or “EU-only” claims unless these are contractually evidenced for your specific service scope. Ask us what applies to your deployment and we will confirm it in writing.
🏠
Private Deployment Option
For clients requiring full model isolation, PrivateAI can deploy a dedicated AI model within our certified AWS organisational environment — fully isolated from other clients, with no data leaving our secure perimeter for inference. ISO 27001 and ISO 27701 controls apply to this environment. Available on Pro+ and Enterprise plans.
🧾
Traceable & Auditable Outputs
AI-generated outputs in our finance and compliance agents include citations and source traceability — designed to support audit preparation and compliance workflows, not replace human review.
Privacy & Data Handling
Your data stays yours

We operate on a strict data minimisation and purpose-limitation basis. Client data is never used to train models or shared with third parties without explicit consent.

🎯
Purpose Limitation
Data collected is used only for the purposes explicitly agreed with the client. No secondary use without separate consent.
✂️
Data Minimisation
We collect and retain only the minimum data necessary to deliver the contracted service. No speculative data collection.
🚫
No Model Training
Client data is never used to train, fine-tune, or evaluate AI models — ours or any third party’s. This is a contractual commitment.
🌍
Data Residency
Client data is hosted in the agreed AWS region. Cross-border transfers are governed by SCCs or equivalent mechanisms.
📝
DPA Available
A standard Data Processing Agreement is available for all clients. Custom DPA terms are negotiated for enterprise engagements.
👁️
Transparency Logs
Clients can request access logs showing who accessed their data, when, and for what purpose, at any time.
📂
Right of Access
You can request a full export of all personal data we hold about you or your organisation within 30 days.
✏️
Right to Rectification
Inaccurate personal data will be corrected promptly upon request. Contact [email protected] to raise a correction.
🗑️
Right to Erasure
You may request deletion of your personal data. Requests are fulfilled within 30 days subject to legal retention obligations.
Right to Object
You may object to processing of your data for any purpose where we rely on legitimate interests as our legal basis.

Submit a data rights request to [email protected]. We will acknowledge within 48 hours and fulfil within the statutory period.

Data Category | Retention Period | Basis | Disposal Method
Client operational data | Duration of contract + 12 months | Contractual obligation | Secure deletion / AWS data wipe
Audit & access logs | 24 months | Legal / regulatory | Encrypted archive then deletion
Contact & account data | Contract term + 36 months | Legitimate interest | Anonymised or deleted on request
Incident records | 5 years | Legal obligation | Archived, then securely deleted
Financial records | 7 years | Tax / regulatory | Per statutory requirements

Subprocessors
Third parties that process client data

A subprocessor is a third party that processes personal data on our behalf as part of delivering the PrivateAI service. We maintain this list under GDPR Article 28. Clients are notified of any additions 30 days in advance, with the right to object. Self-hosted open-source tools running entirely within your AWS environment are not subprocessors — the processor relationship for those is with AWS.

Subprocessor | Purpose | Data Location | Engagement | Certification
Amazon Web Services | Cloud infrastructure & hosting — all client environments | Client-selected region (default: ap-southeast-2 Sydney) | Always | ISO 27001, SOC 2
Anthropic | AI model inference via API — when client workloads use Claude models | US / EU (configurable via enterprise agreement) | Conditional | Zero-retention API
Google Cloud | AI model inference or storage — when client workloads use Google models or GCS | Client-selected region | Conditional | ISO 27001, SOC 2
Microsoft Azure | AI model inference or storage — when client workloads use Azure OpenAI or Azure services | Client-selected region | Conditional | ISO 27001, SOC 2
Vast.ai | GPU compute for on-demand model inference — when client workloads require burst GPU capacity | Variable (region specified at job submission) | Conditional | Contractual DPA

Conditional means the subprocessor is only engaged when a client’s specific use case requires it — it is not active for all deployments. Last updated: April 2026. Contact [email protected] to request the full subprocessor register or to be notified of changes.

Common Questions
Security & compliance FAQ

Questions we’re asked in every enterprise sales process — answered up front so your security team can self-serve.

No. Client data is never used to train, fine-tune, or benchmark any AI model — ours or a third party’s. When we engage hosted model APIs (e.g. Anthropic, Azure OpenAI), we do so under enterprise agreements with data processing controls, and we conduct vendor risk assessments before use. We do not make blanket “zero retention” or “no training” claims unless these are contractually evidenced for your specific service scope — ask us and we will confirm in writing what applies to your deployment.
All client data is hosted in your nominated AWS region, specified at contract signing. Australian clients default to ap-southeast-2 (Sydney). We do not move data across regions without written consent. Data residency is documented in the DPA.
Production data access is restricted to a named subset of senior engineers on a break-glass basis. All access events are logged and auditable. Clients can request an access log at any time. We operate on the principle of least privilege — no standing access to client production environments.
Yes. Certificates are shared upon a signed NDA or as part of a formal vendor assessment process. Submit a request via [email protected] and our team will respond within two business days.
Annual third-party penetration testing is conducted on the PrivateAI platform. Executive summaries and remediation reports are available to enterprise clients under NDA. Contact [email protected] to initiate a request.
Our IR plan requires notification to affected clients within 72 hours of a confirmed breach, consistent with GDPR Article 33. Notifications include: what data was affected, how, what we’ve done to contain it, and recommended actions for you. A detailed post-incident report follows within 30 days.
Yes. All team members — regardless of location — are bound by our information security policy, complete annual security awareness training, and operate under NDAs. Access is provisioned on a role and project basis with no standing production access by default.
Yes. Send your questionnaire to [email protected]. Standard questionnaires (SIG Lite, CAIQ, custom) are typically turned around within 5 business days. We maintain pre-completed responses to common frameworks to accelerate your review.
The Australian Cyber Security Centre’s Essential Eight Maturity Model defines four levels (ML0–ML3). We have aligned our controls to the requirements defined at Maturity Level 2 — covering patching, application hardening, MFA, and restricted admin privileges to ML2 standards. We have not yet undergone a formal third-party maturity assessment. “Targeting ML2” is the honest and accurate way to represent our current posture.
MAS TRM (Monetary Authority of Singapore Technology Risk Management Guidelines) is a regulatory guideline, not a certifiable standard. Alignment means our infrastructure and security controls are designed to meet MAS TRM requirements — covering technology risk governance, system resilience, access controls, and incident management. Singapore-regulated clients can request our MAS TRM control mapping document via [email protected].

Accelerate your vendor assessment

Certificates, DPA, pen test summary, and a completed questionnaire — one email, two business days.

[email protected]