Security
Security and data handling
Client data stays in a secure leading cloud environment: Microsoft Azure, AWS, or Google Cloud. These environments meet international standards such as ISO 27001 and SOC 2. Client data is separated by design, access is controlled and logged, and the platform abstains rather than inventing output when no sufficient source exists.
Where does client data live?
Your knowledge library and decision DNA live in a leading cloud environment: Microsoft Azure, AWS, or Google Cloud. These environments meet international standards such as ISO 27001 and SOC 2. We phrase this carefully on purpose: the audited environment is the claim your compliance team can actually verify, and it is the one that matters for where your data physically sits.
How is client data separated?
Each client's environment is separate. Your source files, enriched files, and every output built from them belong to your deployment alone. There is no shared pool of client knowledge, and nothing from your library informs any other client's decisions.
Who can access what?
Access follows the structure your organization already uses: people see what their role permits, and access is logged. Because every output carries a source reference, an auditor can trace not only who saw an output but which files it rested on. Traceability is not an add-on for compliance; it is how the platform works for everyone.
What about the AI engines themselves?
Praxiron sits above the AI engines, one step before the AI. That position is a security property as well as an architectural one: the platform governs what reaches an engine, keeps your decision DNA outside any single vendor's stack, and applies the same source-reference and confidence behavior regardless of which engine does the work.
How do we evaluate this ourselves?
Bring your security and compliance team. A deployment starts with your questions about data residency, separation, access control, and audit; the review process is part of the engagement, and support is provided throughout it. We would rather answer hard questions before a deployment than easy ones after.
Have your security team put us through the review.
Talk to PraxironFrequently asked questions
Is Praxiron ISO 27001 or SOC 2 certified?
Praxiron runs in cloud environments (Microsoft Azure, AWS, or Google Cloud) that meet international standards such as ISO 27001 and SOC 2. Praxiron does not claim those certifications for itself; we point to the audited environment your data actually lives in, which is the claim your compliance team can verify.
Is our data used to train AI models?
Your knowledge library exists to serve your decisions. The platform is engine-agnostic and routes work to leading AI engines under the controls described here; your decision DNA remains your asset. Data handling terms, including model training exclusions, are set out in the engagement agreement your team reviews before anything is connected.
Can one client see another client’s data?
No. Client environments are separated by design. Your knowledge library, decision DNA, and outputs are yours alone, and separation is enforced at the environment level in the cloud your deployment runs in, not by application logic alone.
What should our CIO ask before a deployment?
Ask where the data lives, how environments are separated, which standards the cloud environment meets, how access is controlled and logged, and what the platform does when it has no sufficient source. These are the questions we expect, and the answers are specific, not marketing language.
Related reading: how the platform works and AI abstention.