Loading...
Encryption by default, strict no-training guarantees, and infrastructure monitored around the clock. Security isn't bolted on — it's how Rax AI is built.
Four principles guide how we handle your data, from the moment it hits our API to the moment it's deleted.
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). API keys are hashed and never stored in plain text.
Secure API key authentication with scoped permissions. Support for OAuth 2.0 and SSO for enterprise accounts.
Hosted on AWS across North America, Europe, and Asia, plus a dedicated on-premises node in Nakuru, Kenya. AWS infrastructure is independently SOC 2 Type II certified; automated patching and 24/7 monitoring cover both environments.
We never use identifiable customer data to train models. Anonymized, identifier-stripped prompts/responses may be used to improve response quality — see our Privacy Policy for details. We follow data minimization principles and maintain GDPR compliance.
You should know exactly what happens to your data. Here's the breakdown.
We never use identifiable customer data — your account, API keys, or any information that could identify you — to train or fine-tune our models. Anonymized, identifier-stripped prompts and responses may be used solely to improve AI response quality. See our Privacy Policy for the full details.
Built-in security features to help you maintain control and visibility.
Create multiple API keys with granular permissions. Rotate keys without downtime.
Role-based access control for team members with detailed audit logs.
Intelligent rate limiting to protect against abuse and ensure fair usage.
Real-time monitoring with instant alerts for suspicious activity.
Where we stand today on the certifications and regulations that matter most to our customers.
Security, availability, and confidentiality controls
EU General Data Protection Regulation
California Consumer Privacy Act
Health Insurance Portability and Accountability
We take security vulnerabilities seriously. If you've discovered a security issue, we encourage you to report it to us responsibly.
Our security team is happy to answer questions, provide documentation, or help with compliance requirements.