Enterprise Security, Built In

Your data security is our top priority. PersonaTrain is designed from the ground up for enterprise-grade protection.

Tenant Isolation

Complete Multi-Tenant Isolation

Every customer's data lives in its own isolated environment. Knowledge bases, conversation sessions, user accounts, and evaluation data are strictly separated at the database level, not just the application level.

  • Separate knowledge bases per tenant with zero cross-contamination

  • Row-level security enforced at the database layer

  • Isolated vector embeddings ensure RAG retrieval never crosses tenant boundaries

ARCHITECTURE DIAGRAM

Multi-Tenant Isolation Model

Encryption

Encrypted at Every Layer

Your data is protected whether it's moving or standing still.

Encryption at Rest

All stored data, documents, embeddings, conversation logs, and evaluation records, is encrypted using AES-256, the same standard used by financial institutions and government agencies.

AES-256

Encryption in Transit

Every connection between your browser and our servers is secured with TLS 1.3. API calls, file uploads, and real-time conversation streams are all encrypted end-to-end.

TLS 1.3
Data Ownership

Your Knowledge Never Trains Our Models

Your uploaded documents, extracted facts, and conversation data are yours, period. We never use customer content to train, fine-tune, or improve any AI models. Your proprietary knowledge stays proprietary.

When you delete a document, it's gone. Embeddings are purged, facts are removed, and no trace remains in our systems. You retain full ownership and control over every byte of data you upload to PersonaTrain.

Compliance & Certifications

Built to meet the security and privacy requirements of regulated industries.

SOC 2 Type II

Our infrastructure and processes are designed to meet SOC 2 Type II requirements, with ongoing audits covering security, availability, and confidentiality.

GDPR Compliant

Full GDPR compliance including data subject rights, lawful processing, data minimization, and the right to erasure. DPA available on request.

Data Residency

Choose where your data lives. We offer deployment options across multiple regions to meet local data residency and sovereignty requirements.

Enterprise Infrastructure

PersonaTrain runs on battle-tested infrastructure designed for reliability, performance, and security at scale.

  • AWS Cloud, Hosted on Amazon Web Services with multi-AZ redundancy

  • PostgreSQL + pgvector, Enterprise database with vector search for knowledge retrieval

  • Redis, In-memory caching for real-time session state management

  • S3-Compatible Storage, Encrypted object storage for documents and media

Access Control

Fine-grained access management ensures the right people see the right data.

  • Role-Based Access Control (RBAC), Admin, training manager, and learner roles with distinct permissions

  • JWT Authentication, Stateless, secure token-based authentication with configurable expiration

  • API Key Management, Scoped API keys for programmatic access with audit logging

Have Security Questions?

Our team is ready to walk through our security architecture, compliance posture, and data handling practices in detail.

Talk to Sales About Security Read Privacy Policy