Security & Compliance at DataVision AI

Security isn't a feature—it's the foundation of everything we build. We implement multiple layers of protection to ensure your insights remain yours alone.

End-to-End Encryption

All metadata and connection strings are encrypted in transit using TLS 1.3 and at rest using AES-256.

Zero-Knowledge Row Access

Our AI engine only processes schema metadata. We never store or permanentely access your raw database rows.

Compliance Standards

Built to align with SOC2, GDPR, and HIPAA requirements for data handling and organizational security.

Network Protection

Dedicated VPC environments and strictly filtered network access to ensure your data is isolated.

How We Protect Your Data

What happens when I upload a file?

When you upload a CSV or Excel file, DataVision AI extracts only the schema (column names, data types, and row count) in transient memory. The raw file is never written to disk or stored permanently. After the analysis session, all temporary data is purged.

How are API keys secured?

API keys are hashed using a one-way cryptographic function before storage. The plain-text key is shown to you exactly once at generation time. Even our own team cannot retrieve your key. If you lose it, you must generate a new one.

What compliance standards do you meet?

DataVision AI is built to align with SOC2 Type II, GDPR, and HIPAA requirements. We use Row-Level Security (RLS) on all Supabase database tables to ensure that users can only access their own data. All connections use TLS 1.3, and data at rest is encrypted with AES-256.

Can I request a security audit or penetration test report?

Yes. Enterprise customers can request our latest security assessment and penetration test results. Contact our compliance team at hello@datavision.ai to schedule a review.

Need a security overview?

Download our full security whitepaper or speak with our compliance team regarding specific regulatory requirements.