Composed AI enforces workspace isolation, envelope credentials encryption, and auditable data access controls to protect your business knowledge.
How we encrypt, host, and partition your files and operational metadata.
All public traffic, database connections, and API calls are encrypted in transit using TLS 1.3. Stored records, vector embeddings, and search metadata are encrypted at rest using AES-256.
Composed AI runs on top-tier cloud providers (AWS/GCP) inside private, isolated virtual networks (VPCs). We maintain active firewalls, rate limiters, and automated threat monitoring. Your data is never used to train third-party foundation models (OpenAI, Anthropic, or Google).
Your business metrics, database tables, and conversation records are stored in logically isolated database instances with strict connection restrictions.
Strict boundary enforcement across your teams and data connectors.
We request read-only scopes when connecting external platforms like Notion, Slack, or databases. We never write to or modify your production source systems.
Customer data is partitioned logically. One client workspace can never query, scan, or see the data sources or vector namespaces of another workspace.
Enforce security standards using role-based permissions. Admins decide which internal members can view signals, read raw sources, run investigations, or edit settings.
Our architecture ensures that every response is verifiable and traced to concrete source facts.
Composed AI never synthesises summaries without supporting citations. Answers are strictly compiled using verified customer context.
We leverage LLMs as reasoning engines over your specific context, rather than letting the model fall back on its pre-trained generalisations.
Every data scan, signal trigger, and Q&A thread leaves a transparent audit trail showing exactly which source records were read and when.
Every paragraph in Ask Composed summaries features clickable citations back to the source file, database entry, or support log.
Built-in evaluation layers to keep responses accurate and aligned with your policies.
We format system queries to only reference connected knowledge base sources, completely preventing outside assumptions and model drift.
We pass final responses through real-time verification guards. Responses that lack adequate factual alignment with connected sources are flagged or blocked.
Every chatbot deployment is rated on factual accuracy, hallucination risk, coverage, and unknown handling before it meets customers.
Questions that fall below the AI assistant's confidence threshold are cleanly routed to your team with the full evidence trail attached.
We design our security controls around established industry standards.
How data flows securely from your connected systems into evidence-backed workspace results.
Credentials isolated via Cloud KMS · Namespaced Vector Storage · Automated PII Sanitisation
No. Composed AI never trains underlying LLMs, public foundations, or proprietary models on your business data, connected documents, or search queries. Your data remains strictly your own.
All data is stored in isolated, multi-tenant databases and vector namespaces in secure cloud facilities (GCP/AWS). For Enterprise plans, we offer dedicated, single-tenant hosting in regions of your choice.
API tokens, database credentials, and OAuth keys are encrypted at rest using envelope encryption with Cloud Key Management Service (KMS). Credentials are only read to fetch updates under strict read-only scopes.
Yes. Composed AI integrates with SAML, OIDC, and major identity providers (Okta, Azure AD, Google Workspace) on our Pro and Enterprise plans to enforce your organisation's authentication standards.
Learn more about workspace isolation, specific compliance schemas, or custom enterprise requirements.