Private AI built for sensitive data.

Your data stays yours

Documents you upload, questions you ask, and answers Wyrefront generates remain the property of your organisation. We do not sell, license, syndicate, or otherwise share customer content with any third party. There is no business model behind Wyrefront that requires customer content to leave the customer perimeter.

No public AI training

Customer documents and queries are never used to train Wyrefront models, and are never sent to public AI vendors (OpenAI, Anthropic, Microsoft, Google) as part of the answering pipeline. Language and embedding inference runs on infrastructure under your control.

Tenant isolation

Multi-layer isolation: customer data is segregated at the database, vector store, application, and audit layers. Single-tenant deployment is the default posture for the Enterprise tier; the self-serve tiers run on shared infrastructure with strict logical isolation.

Hardened parsing pipeline

Document ingestion runs through an isolated parsing pipeline with OCR fallback for scanned material. No documents transit external services during preprocessing — the parser, embedder and indexer all run inside the deployment boundary.

Role-based access control

Granular RBAC with workspace-scoped admin and member tiers, per-collection authorisation, and audit trails on every entitlement change. The Enterprise tier adds advanced custom permission scopes and conditional-access policies for sensitive collections.

SSO & multi-factor

OIDC single sign-on against your existing identity provider is coming soon on the Enterprise tier. Multi-factor authentication is available for tenant-admin and super-admin accounts and is enforced on opt-in by tenant-admins via Settings → Security.

In transit and at rest

TLS 1.3 in transit between client and edge. AES-256 at rest for backups (restic with per-deployment key). OAuth refresh tokens stored in the database are AES-encrypted with an application-layer key separate from the database credentials. Per-tenant encryption keys are on the 2026 H2 roadmap.

Choose the boundary that fits your posture

Wyrefront supports four deployment models, all running the same product surface:

• Managed Cloud — Wyrefront-hosted, fastest to production.
• Dedicated Private Cloud — single-tenant isolated infrastructure.
• On-Premise — runs inside your data centre or VPC.
• Air-Gapped — fully disconnected, strict telemetry isolation.

See the Enterprise page for a walkthrough of each model and the architectural diagram.

Private inference, no public vendors

Language-model inference runs on Wyrefront-controlled GPU infrastructure (in the managed and dedicated models) or on customer-controlled GPU infrastructure (in on-premise and air-gapped models). Customer queries and documents are not transmitted to OpenAI, Anthropic, Microsoft, Google, or any other public AI vendor as part of the answering pipeline.

Anthropic’s Claude API is used for internal, offline evaluation grading only — aggregated, non-customer-facing — and the API key is held in a single backend process, not exposed to tenants.

Export & erasure

Tenant-admins can export a complete JSON dump of every tenant-scoped row in the database plus all original uploaded files at any time via Settings → Account → Export my data. Erasure on request takes effect within 30 days of an account closure cliff; an erasure attestation is published in the audit log on completion. This satisfies NZ Privacy Act 2020 IPP 6/7, AU APP 12, and GDPR Article 20.

Append-only, defensible trail

Tenant-admin actions, document-access decisions, and entitlement changes are recorded in an append-only audit log. The Enterprise tier adds chain-of-verification reasoning visibility (the retrieval evidence behind each answer is reproducible for legal review, internal audit, and regulator inspection).

Frameworks & posture

Wyrefront’s control framework maps to the SOC 2 Security Trust Service Criteria. We are NZ Privacy Act 2020 and Australian Privacy Principles aligned by contract via our Data Processing Addendum, and GDPR-ready for EU expansion. Customers who require certified posture ahead of our scheduled SOC 2 Type I audit can include a contractual commitment to a completion date in their order form.

Disaster recovery

RPO ~24 hours (daily backups to local + Backblaze B2 cloud). Tested restore drill achieves L1+L2+L3 (application data, control-plane database, and vector store) in 73 seconds against a fresh sandbox. Full restore-from-scratch onto a new host is exercised at least once per year with a documented RTO of 2.5–4 hours.

If you believe you have found a security issue in Wyrefront, email security@wyrefront.com with a description, reproduction steps, and any supporting material. We commit to acknowledging receipt within 2 business days, providing a triage decision within 7 business days, keeping you updated until resolution, and crediting you publicly on this page on resolution unless you ask to remain anonymous. We do not pursue legal action against good-faith security researchers acting under standard responsible-disclosure practice.

Vulnerability reports and security questionnaires: security@wyrefront.com

Privacy enquiries and data-subject access requests: privacy@wyrefront.com

Commercial / DPA: legal@wyrefront.com