security

Secure by design

Founded on the understanding that LLM interactions yield valuable data, Nebuly has always prioritized the security and privacy of every customer’s data.
certifications
Audit and certifications
SOC 2 Type 2
Nebuly is currently in the process of obtaining SOC 2 Type 2 certification.
Discover more
ISO 27001
Nebuly is working towards achieving ISO 27001 certification.
Discover more
GDPR compliant
We safeguard your data through secure processing in compliance with GDPR.
Discover more
SELF HOSTED
Deployed in your own infrastructure
Nebuly Self Hosted
Nebuly can be self-hosted on Microsoft Azure, AWS and GCP using Docker.
Enhanced Data Control
Retain full control over your data, ensuring by design compliance with specific security protocols and regulatory requirements.
Data Retention Policy
By default, data are never deleted to enable time-series analysis. Admins of a Nebuly workspace can opt for a different user data retention periods. At the end of the period, we automatically delete the user data.
Scalable Infrastructure
Tailor their infrastructure to meet your unique operational needs, from hardware configurations to software integrations, fostering scalability and flexibility as the business evolves.
data and product security
The highest security practices
PII removal
We automatically identify all data fields that contain personally identifiable information (PII) and replace all PIIs with pseudo values or codes that do not reveal any personal information about the individual.
Secure encryption
We employ high-level encryption for maximum data security. Secure your data with the same encryption that banks use and ensure that no authorized parties can view information. All data in transit is encrypted using TLS/SSL.
RBAC
We offer robust identity and access management for secure data control so that you can create granular permissions that dictate who can access and work with your data.
Infra security
We take steps to ensure that our infrastructure is both secure and scalable. We use private endpoints enforced across system infrastructure and IP whitelisting and private VPC.
Internal training
We provide thorough security training to ensure compliance and data protection. All Nebuly staff undergo comprehensive security training when they join and periodically thereafter to maintain compliance standards.