
Security & Architecture

How AI DeskFlow protects your data

In plain English

  • Your data is yours alone — no one else can see it, not even other customers. Database-level isolation enforced on every query.
  • Everything is encrypted — your files, conversations, and credentials are protected with AES-256-GCM encryption. All connections use TLS.
  • You choose where AI runs — on cloud providers (fastest), on your own server (most private), or a mix of both. You decide.
  • We are transparent about trade-offs — cloud AI is faster but your data passes through external servers. Private servers keep everything in-house but require more setup. We explain both below.
  • GDPR compliant — data stored in the EU, full deletion on request, no tracking or ads.
  • EU AI Act ready — every AI interaction is logged for transparency and audit.

Your data stays separate

  • Each workspace runs in an isolated environment — your data is not shared with other customers.
  • On our Cabinet and Enterprise plans, you get a dedicated private server in EU data centers (Germany/Finland) for GDPR-compliant hosting.
  • Bring your own server: install on any machine you control (on-premise or cloud).
  • Full remote access available on the Cabinet plan for direct server inspection and audit.

How AI processes your documents

Important: understand the trade-offs

When you use cloud AI providers (OpenAI, Anthropic, Groq), your messages and document excerpts are sent to their servers for processing. This is how AI works — the model needs to read your text to answer. We are transparent about what this means for your data.

Option 1: Cloud AI (Solo Pro plan, or BYOK on any plan)

  • What is sent: your message, recent conversation history, and up to 5 relevant document chunks (~500 words each) extracted from your workspace. The full document is never sent — only the most relevant excerpts.
  • Where it goes: to the AI provider you select (OpenAI, Anthropic, Groq, or OpenRouter). All transfers are encrypted via HTTPS/TLS.
  • Provider data policies (as of March 2026):
    • OpenAI API: retains data for 30 days for abuse monitoring. Not used for model training (per their API data policy).
    • Anthropic API: does not use API calls for training (per their terms of service).
    • Groq: fast inference. Their data retention policy is less detailed — we recommend using your own API key for full control.
    • OpenRouter: routes to various models. Each model provider has its own policy.
  • Bring Your Own Key (BYOK): when you add your own API key in Settings > AI Models, requests go directly to the provider under your account and your terms. We never see or store the API traffic — only the encrypted key.

Option 2: Private Server AI (Cabinet & Enterprise plans)

  • What stays private: everything. Your documents, messages, and AI processing happen entirely on your own server. No cloud AI provider is contacted.
  • How it works: we install open-source AI models (via Ollama) directly on your dedicated server. Document indexing uses ChromaDB, also on your server.
  • Trade-off: private AI models are generally smaller and less capable than cloud models like GPT-4o or Claude. For most professional use cases (contract review, summarization, Q&A), they work well. For complex reasoning or creative tasks, cloud models may perform better.
  • Hybrid option: you can enable cloud AI for specific tasks while keeping document storage and search fully private. You control this per-workspace in Settings > Privacy.

Optional: PII anonymization

  • When enabled in Settings > Privacy, sensitive information (email addresses, phone numbers, IBANs, French SSN) is automatically masked before being sent to any cloud AI provider.
  • Limitation: this uses pattern matching (regex). It catches common formats but may miss unusual formats, names, addresses, or context-specific sensitive data. It is a safety net, not a guarantee.
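As an added example (not AI DeskFlow's own code), this is what such regex-based masking looks like in JavaScript, and why this page calls it a safety net rather than a guarantee: it covers the formats listed here and again under Technical security controls (email, phone, IBAN, French SSN), yet leaves a person's name untouched. The patterns, labels and sample text are constructed for this example.

```javascript
// Added example, not AI DeskFlow's code: regex-based PII masking applied to
// text before it is sent to a cloud model, plus a demonstration of the
// limitation the page describes. Patterns and sample data are constructed.

const PII_PATTERNS = [
  // Masking order matters: structured formats (email, IBAN, NIR) are replaced
  // first so the looser phone pattern cannot partially consume their digits.
  { label: 'EMAIL', re: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g },
  // IBAN: country code, two check digits, 11-30 alphanumerics, optional spaces.
  // The mod-97 checksum is not validated.
  { label: 'IBAN', re: /\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]){11,30}\b/g },
  // French NIR (social security number): 13 digits plus an optional 2-digit
  // key, single spaces allowed between groups. Corsican department codes
  // (2A/2B) and the key itself are not validated.
  { label: 'SSN', re: /\b[12] ?\d{2} ?\d{2} ?\d{2} ?\d{3} ?\d{3}(?: ?\d{2})?\b/g },
  // Phone: French national (0X XX XX XX XX) or E.164-style (+CC X XX XX XX XX).
  { label: 'PHONE', re: /(?:\+\d{1,3}[ .-]?|\b0)\d(?:[ .-]?\d{2}){4}\b/g },
];

// Returns the masked text plus a count of replacements per label, which is
// useful to log (the counts, never the values) for audit purposes.
function maskPii(text) {
  const counts = {};
  let out = text;
  for (const { label, re } of PII_PATTERNS) {
    out = out.replace(re, () => {
      counts[label] = (counts[label] || 0) + 1;
      return `[${label}]`;
    });
  }
  return { text: out, counts };
}

// Constructed sample. "Marie Dupont" is personal data too, but no pattern
// here recognises a name: exactly the gap the page warns about.
const SAMPLE =
  'Contact Marie Dupont at marie.dupont@example.com or +33 6 12 34 56 78. ' +
  'IBAN FR76 3000 6000 0112 3456 7890 189, NIR 1 85 05 78 006 084 36.';

const demo = maskPii(SAMPLE);
console.log(demo.text);
console.log(demo.counts);
console.log('name still present:', demo.text.includes('Marie Dupont'));
```

Running it prints the masked sentence with four placeholders and then `name still present: true`, which is the practical reason to pair the masker with a data-minimisation step (only the relevant chunks, as this page describes) rather than relying on it alone.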

Data routing: exactly where your data goes

This table shows precisely what happens to your data depending on your configuration. No vague promises — just facts:

Component               | Professional (Cloud)      | Secure (BYOK)              | Sovereign (Private Server)
LLM inference           | Cloud providers (US)      | Cloud via your keys        | Your server only
Document embeddings     | OpenAI (US)               | OpenAI via your key        | Local on your server
Vector search           | Supabase (EU)             | Supabase (EU)              | ChromaDB on your server
Document storage        | Supabase Storage (EU)     | Supabase Storage (EU)      | Your server
Database                | Supabase PostgreSQL (EU)  | Supabase PostgreSQL (EU)   | Supabase PostgreSQL (EU)
Data leaves your infra? | Yes — cloud providers     | Yes — your cloud accounts  | No — full sovereignty

Encryption

  • Data in transit: all connections use TLS (HTTPS). HSTS with preload directive prevents downgrade attacks. This applies to all cloud API calls, database connections, and file transfers.
  • Your API keys: encrypted with AES-256-GCM before storage in the database. Decrypted only at the moment they are needed to make an API call, never logged or cached.
  • Database isolation: every query is automatically scoped to your workspace using PostgreSQL Row-Level Security (RLS) — enforced at the database engine level, not just in application code.
  • File storage: stored in workspace-scoped buckets with RLS policies. Files are accessible only by workspace members.

Data flow diagrams

Two paths exist depending on your configuration. Here is exactly what happens in each:

Path A: Private Server (Cabinet/Enterprise)

  You (Web App / WhatsApp / Telegram)
         │  (HTTPS)
         v
  ┌─────────────────────────────────────┐
  │   Your Private Server (EU)          │
  │                                     │
  │   1. Receives your question         │
  │   2. Searches your documents        │
  │      (ChromaDB - on your server)    │
  │   3. AI generates a response        │
  │      (Ollama - on your server)      │
  │                                     │
  │   ✅ Nothing leaves your server     │
  └─────────┬───────────────────────────┘
            │
            v
      Answer delivered to you

Path B: Cloud AI (Solo Pro, or BYOK)

  You (Web App)
         │  (HTTPS)
         v
  ┌──────────────────────────────────────┐
  │   AI DeskFlow (Vercel, global)       │
  │                                      │
  │   1. Receives your question          │
  │   2. Searches your documents         │
  │      (pgvector on Supabase, EU)      │
  │   3. Sends question + relevant       │
  │      excerpts to cloud AI provider   │
  └──────────┬───────────────────────────┘
             │  (HTTPS)
             v
  ┌──────────────────────────────────────┐
  │   Cloud AI Provider (US)             │
  │   OpenAI / Anthropic / Groq          │
  │                                      │
  │   ⚠️  Your message + doc excerpts   │
  │      are processed on their servers  │
  │                                      │
  │   Provider retention policies apply  │
  │   (see details above)               │
  └──────────┬───────────────────────────┘
             │
             v
      Answer delivered to you

Access control

  • Database-level isolation: every query is automatically restricted to your workspace — enforced at the database level.
  • Team roles: Owner, Admin, Member, Viewer — each with granular permissions.
  • Abuse protection: rate limits on all actions (e.g., 30 questions/min, 20 uploads/min, 5 login attempts per 15 minutes).
  • Billing protection: plan limits and billing fields are enforced by the database itself — not bypassable.
  • Input validation: all inputs are checked and sanitized to prevent attacks.
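As an added example (not the project's own code), here is a sliding-window limiter configured with the three limits quoted above, in JavaScript. Keying by user id or client address is an assumption, as is keeping the counters in process memory; a deployment with several instances would hold them in a shared store so the limit cannot be dodged by landing on different instances.

```javascript
// Added example, not AI DeskFlow's code: an in-memory sliding-window rate
// limiter using the limits quoted on this page. Principal keying and
// process-local storage are assumptions for this example.

const LIMITS = {
  question: { max: 30, windowMs: 60 * 1000 },       // 30 questions/min
  upload:   { max: 20, windowMs: 60 * 1000 },       // 20 uploads/min
  login:    { max: 5,  windowMs: 15 * 60 * 1000 },  // 5 attempts per 15 minutes
};

class SlidingWindowLimiter {
  constructor(limits = LIMITS, now = () => Date.now()) {
    this.limits = limits;
    this.now = now;       // injectable clock so behaviour can be tested
    this.log = new Map(); // "action:principal" -> timestamps of allowed calls
  }

  // Decides one attempt. Only allowed attempts are recorded, so a blocked
  // caller cannot extend its own penalty by retrying; the reply carries a
  // retry delay suitable for a Retry-After header.
  check(action, principal) {
    const limit = this.limits[action];
    if (!limit) throw new Error(`unknown action: ${action}`);
    const key = `${action}:${principal}`;
    const t = this.now();
    const hits = (this.log.get(key) || []).filter((ts) => ts > t - limit.windowMs);
    if (hits.length >= limit.max) {
      this.log.set(key, hits);
      return { allowed: false, remaining: 0, retryAfterMs: hits[0] + limit.windowMs - t };
    }
    hits.push(t);
    this.log.set(key, hits);
    return { allowed: true, remaining: limit.max - hits.length, retryAfterMs: 0 };
  }
}

// Constructed walk-through: a sixth login attempt from the same address inside
// 15 minutes is refused; once the window has passed it is accepted again.
function demoLogin() {
  let clock = 0;
  const limiter = new SlidingWindowLimiter(LIMITS, () => clock);
  const results = [];
  for (let i = 0; i < 6; i++) results.push(limiter.check('login', '203.0.113.7').allowed);
  clock = 15 * 60 * 1000 + 1; // the 15-minute window has elapsed
  results.push(limiter.check('login', '203.0.113.7').allowed);
  return results; // [true, true, true, true, true, false, true]
}

console.log(demoLogin());
```

For login the limiter should key on the client address (or address plus submitted identifier) rather than on an authenticated user, since the caller is by definition not authenticated yet; combined with the anti-enumeration response described under Technical security controls, it bounds how fast credentials can be guessed without revealing which accounts exist.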

Compliance

  • GDPR: data stored in EU. Data Protection Officer reachable at dpo@ai-deskflow.com.
  • Data deletion:full account deletion available in Settings → Danger Zone. All data (documents, conversations, AI history) is permanently removed within 30 days.
  • No tracking, no ads, no data selling. We use strictly necessary cookies only (authentication and session).
  • EU AI Act: every AI interaction is logged with timestamps and model identifiers. We are actively building toward full compliance before the August 2026 deadline.
  • Security audits: available on the Cabinet and Enterprise plans. Contact security@ai-deskflow.com to schedule.

Sub-processors

We only share data with trusted infrastructure providers, each bound by Data Processing Agreements (DPAs). On the Sovereign plan, most of these are bypassed entirely.

Provider  | Purpose                 | Location             | Sovereign plan
Supabase  | Database, auth, storage | EU-West (Ireland)    | Used (metadata only)
Vercel    | Web hosting, edge CDN   | Global (US primary)  | Used (web app only)
Stripe    | Payment processing      | US (PCI DSS)         | Used
Resend    | Transactional emails    | US                   | Used
OpenAI    | LLM + embeddings        | US                   | Not used
Anthropic | LLM inference           | US                   | Not used
Groq      | LLM inference           | US                   | Not used
Hetzner   | Private server hosting  | EU (Germany/Finland) | Optional (managed)

Certifications & compliance roadmap

Standard            | Status      | Timeline
GDPR                | Compliant   | Active
EU AI Act           | In progress | Target: August 2026
SOC 2 Type I        | Planned     | Q4 2026
ISO 27001           | Planned     | 2027
Penetration testing | Scheduled   | Q3 2026

Want to review our security posture? Contact security@ai-deskflow.com for a detailed security questionnaire response or to discuss our certification timeline.

Technical security controls

  • HSTS — HTTP Strict Transport Security with 2-year max-age, includeSubDomains, and preload directive.
  • CSP — Content Security Policy restricting script sources to self, Stripe, and Cloudflare Turnstile.
  • X-Frame-Options: DENY — prevents clickjacking by blocking iframe embedding.
  • X-Content-Type-Options: nosniff — prevents MIME type confusion attacks.
  • Referrer-Policy — strict-origin-when-cross-origin to prevent data leakage in referrer headers.
  • Permissions-Policy — camera, microphone, and geolocation restricted.
  • SSRF protection — all server-side requests validate that target IPs are public (blocks RFC1918, loopback, link-local, IPv6 ULA).
  • Anti-enumeration — authentication endpoints always return success to prevent email enumeration.
  • PII anonymization — optional regex-based masking of emails, phone numbers, IBANs, and SSNs before cloud LLM processing.

Data Processing Agreement

We provide a Data Processing Agreement (DPA) compliant with GDPR Article 28 for all business customers. This covers data processing scope, sub-processor obligations, data deletion procedures, and audit rights. Contact legal@ai-deskflow.com to receive a copy.

Infrastructure overview

Layer     | What it does                                   | Location
Website   | Fast loading worldwide                         | Global
Database  | Stores your data securely with access controls | EU-West
AI Engine | Private server for AI processing               | EU (Germany)
Messaging | WhatsApp + Telegram integrations               | Your server
Payments  | Secure payment processing (PCI DSS certified)  | Stripe
Email     | Service notifications only                     | US

Questions?

If you have security concerns or want to report a vulnerability, contact us at security@ai-deskflow.com. We respond within 24 hours. For our full privacy policy, see Privacy Policy.