Data Protection

Where your data lives and who can access it.

Understanding where your data is stored and how it's protected is essential for making informed decisions. This page answers the most common questions about data location, access, and protection.

Where Is My Data Stored?

Storage Infrastructure

Your Uploaded Files

Where: Amazon S3 (Simple Storage Service)

Region: Configurable based on your location

  • EU customers: AWS eu-west-1 (Ireland)
  • US customers: AWS us-east-1 (Virginia) or us-west-2 (Oregon)
  • Other regions available on request

Your Account Data

Where: AWS Cognito + AWS RDS/DynamoDB

What's Stored:

  • Username, email, password (hashed)
  • Organization settings
  • User roles and permissions
  • Login sessions

AI Processing (Google Gemini)

Where: Google Cloud (region varies by Google's infrastructure)

What Happens: When you ask the chatbot a question, your files are processed by Google's AI to find relevant answers. This processing happens in Google's secure data centers.

Important: Your data is not stored permanently on Google's servers for training purposes. It's only processed temporarily to answer your specific queries.

Regional Hosting: If you need data to stay in a specific region (for legal or compliance reasons), we can configure your account accordingly. Contact us to discuss your requirements.

How Data Flows Through Our System

Step-by-Step: What Happens When You Upload a File

1. You Upload a File

The file travels from your browser to our servers over HTTPS (TLS 1.2+), so it is encrypted for the whole journey and cannot be read if it is intercepted.

2. File Is Stored in AWS S3

Your file is immediately encrypted using AWS KMS (Key Management Service) and stored in a protected S3 bucket. Only your account can access it.

3. File Is Indexed for Search

The file is sent to Google's File Search RAG tool, which reads and indexes the content so the AI can answer questions about it. This happens securely over encrypted connections.

4. You Ask a Question

When you chat with the AI, your question is sent securely to Google's Gemini AI. The AI searches the indexed files (only yours, not other customers') and generates an answer.

5. Answer Is Returned to You

The AI's answer travels back to your browser, again over encrypted HTTPS. The conversation is not logged or shared with anyone else.

Who Can Access Your Data?

You & Your Team

Only users you explicitly add to your organization can see your files and chatbot.

✓ Full control

Other Customers

Completely isolated. Other organizations cannot see your data, even by accident.

✗ No access

Our Support Team

No direct access to your files or conversations. Only system-level info for debugging.

~ Limited, with permission

Support Access Policy: If you request help from our support team, we may ask for permission to view specific settings or logs (never file contents) to troubleshoot your issue. We will always ask first.

Data Isolation: How We Keep Your Data Separate

Multi-Tenant Architecture with Strong Isolation

We serve multiple organizations (multi-tenant), but your data is strictly isolated from others. Here's how:

Organization ID

Every file, user, and chatbot is tagged with your unique Organization ID. The system only shows you data matching your ID.

Separate S3 Folders

Your files are stored in S3 folders specific to your organization. AWS enforces access controls so other organizations cannot read your folder.

User Authentication

AWS Cognito verifies each user's identity and organization membership before granting access to any data.

Isolated AI Context

When Google's AI processes your query, it only has access to your organization's files—never data from other customers.

Think of it this way: It's like a secure office building where each company has its own locked suite. You can only enter your suite, and you can't even see into other companies' spaces.
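
One way the Organization ID tag and per-organization S3 folder described above can be enforced, shown as an added example and not this service's own code. The bucket name, the `orgs/<org_id>/` key layout, the ID format and the helper names are all assumptions; the block builds a prefix-scoped IAM session policy and maps file names to keys, covering the look-alike-prefix and `..` cases.

```python
import json
import posixpath
import re

BUCKET = "example-tenant-files"            # assumed bucket name
ORG_ID_RE = re.compile(r"[a-z0-9]{8,32}")  # assumed Organization ID format


def org_prefix(org_id: str) -> str:
    """Return the S3 'folder' for an organization, always ending in '/'."""
    if not ORG_ID_RE.fullmatch(org_id):
        raise ValueError("invalid organization id")
    # The trailing slash matters: a policy on 'orgs/acme0001*' would also
    # match keys under the look-alike folder 'orgs/acme0001evil/'.
    return f"orgs/{org_id}/"


def session_policy(org_id: str) -> str:
    """IAM session policy limiting temporary credentials to one org's prefix."""
    prefix = org_prefix(org_id)
    return json.dumps({
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow",
             "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
             "Resource": f"arn:aws:s3:::{BUCKET}/{prefix}*"},
            {"Effect": "Allow",
             "Action": "s3:ListBucket",
             "Resource": f"arn:aws:s3:::{BUCKET}",
             "Condition": {"StringLike": {"s3:prefix": f"{prefix}*"}}},
        ],
    })


def object_key(org_id: str, filename: str) -> str:
    """Map a user-supplied file name to a key inside the caller's org prefix."""
    prefix = org_prefix(org_id)  # org_id must come from the verified login token
    if "\x00" in filename or filename.endswith("/"):
        raise PermissionError("invalid file name")
    # S3 treats keys as literal strings, but URL builders and caches in front
    # of it may normalize '..', so normalize here and re-check the prefix.
    key = posixpath.normpath(prefix + filename)
    if not key.startswith(prefix):
        raise PermissionError("key escapes organization prefix")
    return key
```

The session policy would be attached when issuing temporary credentials for a signed-in user, so that storage access stays scoped to the organization even if an application-level check is missed.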

Backups & Disaster Recovery

We take regular backups to protect against data loss from hardware failure, accidental deletion, or disasters.

Backup Frequency
  • Automated daily backups of all data
  • Retained for 30 days
  • Encrypted with the same protection as live data

Recovery Process
  • If you accidentally delete a file, contact us within 30 days
  • We can restore from backup (account-level restoration)
  • Recovery typically completed within 24 hours

Deleting Your Data

You Control Deletion

Deleting Individual Files
  • You can delete any file from your dashboard at any time
  • Deleted files are removed from live storage immediately
  • Backup copies are automatically purged after 30 days
  • The file is also removed from Google's AI index

Deleting Your Entire Account
  • Contact us to request account deletion
  • We permanently delete all your files, user data, and settings within 30 days
  • Billing records are retained for 7 years for tax compliance, then deleted
  • Deletion is permanent and cannot be reversed

Important: Once data is deleted (after the 30-day backup window), it cannot be recovered. Please ensure you have copies of any important files before deleting your account.

Common Questions

No. Your files are used only to power your specific chatbot. Google processes your data through their File Search RAG tool, but they do not use it to train their general AI models or share it with other customers. This is covered by Google's Cloud Data Processing terms.

Partially, yes. We can configure your account to store files in specific AWS regions (e.g., EU-only for European customers). However, Google's AI processing infrastructure is global, so some processing may occur outside your region. Contact us to discuss your specific data residency requirements.

In the unlikely event that we cease operations, we will notify all customers at least 90 days in advance and provide tools to export all your data (files, settings, conversation logs if applicable). Your data will be deleted from our systems 90 days after the final shutdown date.

Yes. You can download all your uploaded files at any time from your dashboard. We also provide an "Export My Data" feature that packages all your files, settings, and metadata into a downloadable ZIP file. This supports your right to data portability under GDPR.

We use multiple layers of protection: encryption in transit (TLS 1.2+), encryption at rest (AWS KMS), strong access controls (AWS Cognito), isolated storage per organization, regular security audits, and monitoring for suspicious activity. Learn more about our security measures.
