Data Security & Privacy
How your data is protected, how it is used, and where it lives
Encryption at Rest and in Transit
All customer data is encrypted at rest with AES-256 and in transit with TLS 1.3. This applies to external connections and to traffic between our own internal services, so your data is never moving or sitting in the clear. Encryption keys are held in dedicated key-management infrastructure and rotated on a regular schedule, separate from the data they protect.
Backups
Customer data is backed up daily with continuous transaction-log archiving and kept in a separate failure domain, and restores are validated rather than assumed. Our recovery objectives and the full backup posture are documented on our Reliability page.
Secure Data Deletion
When a retention period expires or you ask us to erase your data, it is permanently removed from our primary stores and aged out of backups within the backup retention window, so it does not linger in a copy somewhere. The specific retention periods per data type, and your rights to request access or deletion, are set out on our Data Retention and GDPR pages.
Access Monitoring and Physical Custody
Privileged access to data is governed by least privilege, and each such access writes an audit-log entry tied to the responsible identity. That activity is monitored so unusual access is caught and investigated. The physical security of the servers that hold your data is handled by our ISO 27001-certified European data centers, with 24/7 surveillance, strict access control, and controlled facility entry. Your data sits in professionally secured facilities, not under someone’s desk.
We Do Not Train on Your Data
Your conversations, files, and business data are used for one thing: doing the work you ask your AI employees to do. We never use your data to train or fine-tune AI models, ours or anyone else’s, and we never sell it. When you teach an employee about your business, that knowledge is stored privately for your organization alone and is never pooled, shared across customers, or fed back into a shared model. Training an employee on your knowledge is not the same as training a model on your data, and we never do the second.
Our Model Providers Cannot Either
Sistava runs on top-tier model providers, and we use them under terms where data sent through their APIs is not used to train their models. Your data passes through to get a result and is not retained to improve someone else’s product. Because we are model-agnostic, we route work to the most suitable model without locking your data into any single vendor, and the same no-training expectation applies across all of them.
You Stay in Control
Your data is isolated to your organization at every layer, you can export it, and you can ask us to delete it. How deletion and retention work is documented on our Data Retention page.
EU-Hosted by Default
Every Sistava workspace runs on our primary infrastructure in ISO 27001-certified European data centers in Germany. For most customers this means EU data residency out of the box, with no configuration required. How we secure that infrastructure is documented on our Infrastructure page.
Regional Deployment for Enterprise
If your organization is required to keep data in a specific region, such as the United States, Saudi Arabia, the UAE, or elsewhere, we can work with you to deploy in that region as part of an enterprise engagement. We understand that data residency is often a hard regulatory requirement, not a preference. Because our entire platform is defined as code, standing up a deployment in a new region is a repeatable, auditable process rather than a one-off scramble.
Gulf Data Residency (KSA and UAE)
Organizations in Saudi Arabia and the UAE often operate under data-sovereignty rules that require regulated data to stay inside the country, such as the Saudi PDPL and the UAE’s data-protection regulations. We treat these as hard requirements, not preferences, and can deploy Sistava so that your data is processed and stored in your required jurisdiction. For Gulf customers with residency obligations, we offer in-region and dedicated, single-tenant hosting as part of an enterprise engagement. Frameworks such as the ADGM data-protection regime are part of how we scope these engagements.
Dedicated and Private Deployment
For customers who need full isolation, we can run a dedicated, single-tenant cluster so your workspace never shares infrastructure with any other organization. For the strictest requirements, we can deploy into your own cloud account or infrastructure, so your data stays entirely within your boundary. These options are available on request as part of an enterprise plan. If you have a residency or isolation requirement, talk to us and we will map your needs to the right deployment model.
What this means for customers
- AES-256 at rest and TLS 1.3 in transit, internal and external
- Daily backups with continuous log archiving and validated restore
- Secure deletion on retention expiry or erasure request, backups included
- Servers in ISO 27001-certified data centers with 24/7 physical security
- Your data is never used to train any AI model, ours or our providers’
- Your business knowledge is private to your organization, never pooled or sold
- Export and deletion on request, with data isolated to your org at every layer
- EU data residency by default; regional, Gulf, and dedicated deployment on request