# Security Keeping your data secure is important. Because of that, Datawisp is built using a secure architecture, and takes advantage of modern, memory-safe languages, and employs additional techniques to prevent any data exfiltration. We are confident that Datawisp lives up to the highest security requirements of your organization. If you have any questions about how Datawisp keeps your data secure, please reach out to . ### Certifications Datawisp holds **SOC 2 Type II** and **SOC 2 Type I** certifications, with zero defects found. For a copy of the detailed reports, please reach out to . The shared instance is hosted in an **ISO 27001** certified datacenter, the managed / enterprise deployments will be hosted in a cloud / data center of your choosing, with all necessary certifications. Datawisp can be operated in a way that complies with HIPAA and other similarly strict certifications - including the AI features. If your business requires a BAA or equivalent, please reach out to our team for options. ### Deployment Options How and where we process data depends on the type of deployment you select. For more details about the possible deployments, refer to our documentation on [deployments](https://docs.datawisp.io/deployment). * For **enterprise deployments**, your data will never\* leave your infrastructure and control. It remains fully under your control. * For **managed deployments**, your data will never\* your cloud. * For the **shared deployment**, your data is stored in a secure facility with the strictest access controls. \* Depending on your choice of LLM provider. For more details, refer to [data processing](https://docs.datawisp.io/data-processing). ### Secure Architecture Datawisp is built from ground up with security in mind. * Datawisp does not copy the contents of your databases. Instead, data remains on your infrastructure, and queries are executed on your infrastructure. * Datawisp uses safety-oriented programming languages like Rust and TypeScript, to eliminate entire classes of bugs. * Your data is only stored in memory, and only while you're actively using Datawisp. If you close the relevant tab, your data is automatically evicted from memory. * All data is always encrypted at-rest and in-transit. * The architecture of Datawisp deployments is intentionally kept simple, to eliminate risky complexity. For more detailed information about how we store and process your data, refer to [data processing](https://docs.datawisp.io/data-processing), and/or ask for a copy of the SOC 2 reports. ### Granular Access Control When you store your data in Datawisp, you can decide what you do with it: * Data is not shared unless you explicitly share it. * Other users will only have access to your data if you explicitly share it with them. * Reviewing who you shared your data with is easily accessible via the sharing menu. ### AI None of the data processed by Datawisp will ever be used to train AI models / large language models. Your data will never be disclosed to other customers of Datawisp and/or the LLM provider.