Enterprise-Grade Security
Your data and prompts are encrypted and protected at every layer — at rest, in transit, and in memory. Security is not an afterthought at ZETRAX.
SOC 2 Type II
Annually audited
AES-256 Encryption
At rest & in transit
GDPR Ready
EU data residency
Zero Retention
API prompt data
TLS 1.3
All connections
Pen Tested
Quarterly, third-party
2FA & SSO
SAML 2.0, OIDC
CSA STAR
Cloud security
How We Protect Your Data
Security built into every layer of our architecture.
Encryption Architecture
All data at rest is encrypted using AES-256-GCM with unique per-user encryption keys managed by our KMS (Key Management Service). Encryption keys are rotated quarterly and never stored alongside encrypted data.
Zero-Retention API Policy
When you generate prompts via API, the raw inputs are processed in isolated ephemeral execution environments and are permanently deleted from memory and all logging systems immediately after the response is delivered. We do not log, store, or analyze raw API prompt content.
Infrastructure Security
Our infrastructure runs exclusively on SOC 2 Type II certified cloud providers. All servers run hardened OS images with automatic security patching, network segmentation, and comprehensive intrusion detection.
Access Control
Internal access to production systems follows strict least-privilege principles. All access is logged, reviewed quarterly, and requires hardware 2FA. We use a zero-trust network model — no implicit trust within the perimeter.
Responsible Disclosure
Found a vulnerability? We take security reports seriously and reward researchers who help us keep ZETRAX safe. Submit reports to security@zetrax.app.
Report a Vulnerability