Security & Trust

Diapason AI is built with security and privacy at its core. We process all data within the European Union and work exclusively with SOC 2 certified infrastructure providers.

The shadow AI problem

78% of AI users bring their own AI tools to work — pasting sensitive team data into consumer apps with zero oversight.

Your team deserves a safe AI.

Security Practices

Enterprise-grade security controls built into every layer of our infrastructure.

Least Privilege

Database functions default to no permissions. Each operation is explicitly granted only the access it requires.

Tenant Isolation

Complete data isolation between organizations using PostgreSQL Row-Level Security. Each customer's data is logically separated at the database level.

Encryption

AES-256 at rest, TLS 1.2+ in transit. All connections encrypted end-to-end.

Passwordless Auth

Magic link, Google OAuth, or Microsoft OAuth. No passwords stored, no credentials to leak.

Environment Isolation

Development, staging, and production fully separated. No data sharing between environments.

DDoS & WAF Protection

Cloudflare Web Application Firewall protects against attacks. Rate limiting and bot protection included.

EU Data Residency

All your data is processed and stored within the European Union.

All infrastructure is configured to process and store data exclusively within the European Union. No data leaves the EU.

  • Security (WAF): Cloudflare, EU Edge
  • Hosting: Vercel, Paris, France
  • Database & Auth: Supabase, Paris, France
  • AI: Vertex AI, EU (BE, FR, NL, DE)
  • Analytics: PostHog, EU Region

Subprocessors

We work exclusively with trusted, certified infrastructure providers.

| Processor | Purpose | Location | Certifications |
|---|---|---|---|
| Cloudflare | WAF & DDoS Protection | Global (EU routing) | SOC 2, ISO 27001, PCI-DSS, DPA ✓ |
| Supabase | Database & Auth | EU (Paris) | SOC 2, HIPAA, DPA ✓ |
| Vercel | Hosting & Edge Functions | EU (Paris) | SOC 2, ISO 27001, DPA ✓ |
| Google Vertex AI | AI Conversations & Embeddings | EU (BE, FR, NL, DE) | SOC 2, ISO 27001, DPA ✓ |
| PostHog | Product Analytics | EU | SOC 2, HIPAA, DPA ✓ |
| Sentry | Error Monitoring | EU (Germany) | SOC 2, ISO 27001, HIPAA, DPA ✓ |
| Stripe | Payments | EU (Ireland) | SOC 2, PCI-DSS, DPA ✓ |
| AssemblyAI | Transcription | EU (Dublin) | SOC 2, PCI-DSS, DPA ✓ |
| Resend | Email | EU (Ireland) | SOC 2, DPA ✓ |

Report a Security Issue

We value responsible disclosure. If you've discovered a vulnerability, please contact us.

We commit to:

  • Acknowledging reports within 48 hours
  • Keeping you informed of our progress
  • Not pursuing legal action for good-faith reports

Ready to get started?

You've read the details. Your team's privacy is safe with us.