Zenforge

Security

How we protect your data.

Security is foundational to how Zenforge is built and operated. This page describes our security architecture, data handling, and the controls we have in place.

Encrypted everywhere

TLS for all data in transit. Encryption at rest on all datastores. Encrypted internal network between application and edge.

Passwordless authentication

Sign in with Google, Microsoft, GitHub, or a passwordless email link. No passwords stored, no password database. Email verification enforced.

Authorization on every request

Every workspace-scoped endpoint verifies membership in middleware. Cross-workspace data access is structurally impossible.

Data hosted in Australia

Application and database hosted in Sydney, AU (Fly.io + Neon PostgreSQL). LLM processing via US API endpoints with provider retention of 7–90 days.

Complete data erasure

Remove all data in a single operation — database records, LLM traces, and in-flight jobs. Provider data auto-deletes per their retention schedules.

Hardened by default

Content Security Policy with per-request nonces, HSTS, X-Frame-Options DENY, no-cache on authenticated responses.
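A customer doing due diligence can verify these header claims from two captured authenticated responses. The following is an added example, not Zenforge's code: the function names and the sample header values are constructed for illustration and are not taken from the service.

```python
import re

NONCE_RE = re.compile(r"'nonce-([A-Za-z0-9+/_=-]+)'")

def _norm(headers):
    # Header names are case-insensitive; normalise before lookup.
    return {k.lower(): v.strip() for k, v in headers.items()}

def check_one(h, label):
    """Per-response checks: HSTS, framing and caching."""
    out = []
    hsts = re.search(r'max-age="?(\d+)', h.get("strict-transport-security", ""), re.I)
    if not hsts or int(hsts.group(1)) == 0:
        out.append(f"{label}: HSTS missing or max-age=0")
    if h.get("x-frame-options", "").upper() != "DENY":
        out.append(f"{label}: X-Frame-Options is not DENY")
    directives = {d.strip().lower() for d in h.get("cache-control", "").split(",")}
    if not directives & {"no-cache", "no-store"}:
        out.append(f"{label}: authenticated response is cacheable")
    return out

def audit(resp_a, resp_b):
    """Audit two responses to separate requests; an empty list means pass."""
    a, b = _norm(resp_a), _norm(resp_b)
    na = set(NONCE_RE.findall(a.get("content-security-policy", "")))
    nb = set(NONCE_RE.findall(b.get("content-security-policy", "")))
    findings = []
    if not na or not nb:
        findings.append("CSP missing or carries no nonce source")
    elif na & nb:
        # A nonce only protects if it is fresh for every response.
        findings.append("CSP nonce repeated across requests")
    return findings + check_one(a, "response 1") + check_one(b, "response 2")

# Constructed sample headers (not captured from any real service).
GOOD_1 = {"Content-Security-Policy": "default-src 'self'; script-src 'self' 'nonce-r4nd0mA1b2c3=='",
          "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
          "X-Frame-Options": "DENY", "Cache-Control": "no-cache, private"}
GOOD_2 = dict(GOOD_1, **{"Content-Security-Policy":
          "default-src 'self'; script-src 'self' 'nonce-Zx9Yw8Vu7Ts6=='"})
BAD = {"Content-Security-Policy": "script-src 'self' 'nonce-static123'",
       "Strict-Transport-Security": "max-age=0",
       "X-Frame-Options": "SAMEORIGIN", "Cache-Control": "public, max-age=3600"}

if __name__ == "__main__":
    print(audit(GOOD_1, GOOD_2))
    print(audit(BAD, BAD))
```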

AI & Your Data

Your data is not used for training models.

Zenforge sends text to LLM providers for processing.

Does customer data train models?

No. All supported LLM providers (Anthropic, OpenAI, Google) prohibit using API-submitted data for model training under their current terms of service.

What data is sent?

Signal text and workspace context, wrapped in extraction prompts. No user credentials or authentication tokens are included in LLM API calls.

Provider retention?

Anthropic: 7 days. OpenAI: 30 days. Google: up to 90 days. See subprocessor list for details.

Where is data processed?

Application data stored in Sydney, AU. LLM processing occurs in the US (provider API endpoints). Observability data stored in the EU (Langfuse Cloud).

Compliance

Pursuing SOC 2 Type I.

CAIQ v4 self-assessment in progress for CSA STAR Level 1. Third-party penetration test planned.

Security questions?

For security inquiries, vulnerability reports, or to request additional documentation: security@zenforge.ai