Core principles
We never train on your data
Your data generates insights for your team and nothing else. It is never shared with other customers or used to improve any model.
Private, isolated environments
Every customer's data lives in a fully siloed environment — isolated at the infrastructure, application, and query layer.
Complete auditability
Every action is logged and traceable. Access logs, query history, and data lineage are available for compliance and internal audit.
How we protect your data
Access control
RBAC, RLS & zero-trust
Role-based access control and row-level security ensure users see only what they're authorized to see. Every request is authenticated regardless of network location.
SSO / SAML
Native SAML 2.0 support. Works with Okta, Azure AD, Google Workspace, and more — no friction with your existing identity stack.
Encryption & keys
End-to-end encryption
TLS 1.2+ in transit, AES-256 at rest, with automatic key rotation under formal key management policies.
BYOK & BYOM
Bring your own encryption keys and your own models. Sapien adapts to your security posture — not the other way around.
Monitoring & compliance
24/7 threat monitoring
Continuous automated threat detection across all systems. Anomalies surface to our security team in real time.
Enterprise agreements
Enterprise contracts with all cloud and LLM providers, plus DPAs, BAAs, and custom security addenda. Our legal team works directly with yours.
SOC 2 Type II
SOC 3 Type II