Security

Enterprise-grade security

Your data is protected by industry-leading security practices. We never use customer data to train models.

Security Architecture

Encryption at Rest

All data is encrypted using AES-256. Database-level encryption with customer-managed encryption keys is available for enterprise deployments.

  • AES-256 encryption standard
  • Encrypted backups with separate key hierarchy
  • BYOK (Bring Your Own Key) available

Encryption in Transit

All data is transmitted over TLS 1.3. Certificate pinning and perfect forward secrecy are enabled across all endpoints.

  • TLS 1.3 minimum (TLS 1.2 for legacy compatibility)
  • HSTS enabled with preloading
  • Perfect forward secrecy (PFS)

Key Management

Enterprise-grade key management with HSM-backed key storage and automated key rotation.

  • HSM-backed key storage
  • Automated key rotation (90-day cycle)
  • Customer-managed keys (enterprise)

Tenant Isolation

Complete data isolation between customers at the database, compute, and network layers.

  • Logical isolation (standard)
  • Dedicated compute (enterprise)
  • VPC peering available

Audit Logging

Comprehensive Audit Trail

Every action is logged with tamper-evident, immutable records. Full audit history exportable for compliance reviews.

  • Immutable: Append-only log
  • Real-time: Live log streaming
  • 7 years: Default retention
  • SIEM: Export to your tools

What's logged: User logins, data access, configuration changes, API calls, model invocations, policy evaluations, approval workflows, and administrative actions.

Access Control

Authentication

  • SSO via SAML 2.0 and OIDC
  • Multi-factor authentication (MFA) enforced
  • Integration with Okta, Azure AD, Google Workspace
  • Session timeout and device management

Authorization

  • Role-based access control (RBAC)
  • Attribute-based access control (ABAC)
  • Principle of least privilege
  • Quarterly access reviews

Data Retention & Deletion

Clear Retention Windows

Transparent data lifecycle management with configurable retention and guaranteed deletion SLAs.

Active Data

Retained for contract duration + 90 days

Audit Logs

7-year retention (configurable)

Deletion SLA

30 days from request (certified)

Data Subject Rights: GDPR Article 17 compliant deletion with certification letter upon completion. Deletion requests processed within 30 calendar days with cryptographic proof of destruction.

Legal Agreements

Data Processing Agreement (DPA)

GDPR-compliant DPA available for all customers. Covers data processing terms, sub-processor obligations, and data transfer mechanisms.

Available on request

Standard Contractual Clauses (SCC)

EU-approved SCCs for international data transfers. Transfer Impact Assessment available for EU customers.

Available on request

Incident Response

Security Incident Management

24/7 security monitoring with defined incident response procedures. Our security team follows established playbooks for incident classification, containment, eradication, and recovery.

  • < 1 hr: Initial response (P1)
  • 24/7: Security monitoring
  • 72 hrs: Customer notification

Security contact: security@lakkshionsit.com

For responsible disclosure, please include reproduction steps and impact assessment.

Service Level Agreement

Uptime Commitment

  • Platform Availability: 99.9%
  • API Availability: 99.9%
  • Scheduled Maintenance: 48hr notice

Support Hours

  • Standard Support: 9am–6pm ET, M–F
  • Enterprise Support: 24/7
  • P1 Response: < 1 hour

Pilot customers receive the same SLA guarantees as production deployments.

System Status & Incident Communications

Real-time platform status and incident history.

All systems operational

Incident Communications: Email notifications for P1/P2 incidents within 15 minutes. Post-incident reports within 5 business days.

Dedicated status page: status.axiomia.ai (launching Q1 2025)