Loading...
Data security
Where your files live, what actually gets sent, and what the AI can and cannot do, organized by area.
Our core users are lawyers, accountants, teachers, and public institutions that handle genuinely sensitive information. That is why the entire architecture was designed from the start to keep your data safe.
The files you work on, the conversations you have, and the execution logs all stay on your computer.
inline AI opens, reads, and edits files directly on your computer. Because the work itself happens on your machine, your original files are never uploaded to the cloud.
Program actions like browsing files and editing documents are carried out directly by an isolated execution module on your computer. Because the code runs on your machine, documents never have to leave it.
Your conversations and tool-execution logs are all stored only in the user folder on your computer's local drive, and they never leave it.
The AI only plans what to do. The actual work runs only within the scope you allow and approve.
The AI model only plans what to do, while a separate execution module handles the actual file operations. Because the model never operates your computer directly, a wrong decision does not turn straight into an action.
The tools the AI can use are limited to those registered in inline AI. If a tool is not one we built, the call is automatically blocked before it reaches the execution module, even if the AI tries to invoke it.
inline AI works only in the folders you explicitly allow and their subpaths. Folders or files you have not allowed simply cannot be touched at all.
Hard-to-undo actions like changing files or editing documents bring up an on-screen approval request and do not run until you confirm. Only safe actions like reading documents proceed without approval.
inline AI never asks for admin rights and runs only within the OS permissions of the user who launched the app. Files you cannot access, inline AI cannot access either.
Sensitive operations like Office automation or file-system access run in a child process isolated from the main app, spawned independently for each session. A problem in one task does not spread to another task or to the whole app.
inline AI never uses macros or VBA, especially for Excel work. Because it does not embed executable code in your documents, there is no room for macro-based malware or security warnings.
Standard encryption protects both stored records and traffic in transit, and sensitive values are masked as they are written.
Chat history saved on your computer is fully encrypted with AES-256-GCM, so you cannot make out the contents even if you open the file directly.
The data encryption key (DEK) is kept in the Windows credential store (DPAPI). Even on the same computer, the records cannot be decrypted under a different Windows account.
A session identifier is used as additional authenticated data (AAD) to stop block-swapping attacks between files, and path-traversal defense is built in by default.
Tool-execution logs are encrypted the same way as your chat history, and sensitive credentials like passwords and tokens are masked automatically before they are written.
Traffic exchanged for AI inference is encrypted with TLS 1.2 or higher, so it stays unreadable even if intercepted along the way.
Only the minimal context needed for inference is sent, and nothing is kept once processing is done.
Inference receives only the context needed for the task, not your entire file. We narrowed what gets sent so no more data leaves than necessary.
When you do web research, what goes out is only the search query that is needed (e.g., "May 15 news"), not your document body. The contents of the document you are working on are never sent to a search engine or an external site.
We have signed zero-data-retention (ZDR) agreements with model providers like Anthropic and OpenAI. Data used for inference is discarded immediately after the AI model finishes processing. The agreements can be shared during consultations for organizational or enterprise rollouts.
The data you exchange is never used to train or fine-tune any AI model. Your work never flows into the next version of a model.
For organizations
For network-segregated environments like the public sector or finance, inline AI can run on a closed, air-gapped network with the AI model hosted inside your own infrastructure. With outbound internet cut off at the source, documents, conversations, and inference all stay within your internal network.
Run the LLM on your own internal GPU servers so documents and conversations never leave your internal network even once.
Remove outbound internet paths entirely, or limit them to a single controlled internal proxy.
Audit usage internally and keep accounts and access fully under your control through SSO and SCIM.
Book a 30-minute call to review network setup, model hosting, and the rollout plan together.