Trust
Security is the foundation, not a feature.
Your AI history is some of your most sensitive data. We treat it that way at every layer.
Encryption everywhere
Data is encrypted in transit with TLS 1.3 and at rest with AES-256. Sensitive secrets are isolated in a managed key store.
Scoped access
Every query is scoped to your account. Team data is isolated by workspace with role-based permissions.
Isolated infrastructure
Workloads run on hardened, regularly patched infrastructure with network isolation and least-privilege service roles.
No training on your data
Your conversations are never used to train third-party models. Your context stays yours.
Auditable by design
Access events are logged. You can export or permanently delete your data at any time.
Compliance roadmap
SOC 2 Type II is in progress. We design to that bar from day one rather than retrofitting it later.
Reporting a vulnerability
We welcome reports from the security community. If you believe you've found a vulnerability, email security@nessie.rest with details and steps to reproduce. We aim to acknowledge reports within one business day.