Question 1

What happens to the data I share with the language model?

Accepted Answer

Your data is encrypted (AES-256 at rest, TLS 1.2+ in transit) and stored in GDPR-compliant EU data centers. Credentials and API keys are never exposed to the LLM. We use multi-layer security including a separate security agent and code-level guardrails that can't be bypassed via prompts. All actions are logged for audit trails. For full details, see our [Security Overview](https://docs.abundly.ai/security/overview).

Question 2

What security features does Abundly have?

Accepted Answer

Abundly is built with enterprise-grade security, using a multi-layer "onion" model for comprehensive protection.

## Multi-Layer Security Architecture

| Layer | Description |
|-------|-------------|
| **LLM Layer** | AI models undergo rigorous training to minimize risk |
| **Platform Layer** | Security agent, guardrails, and technical access controls |
| **Agent Layer** | Behavior driven by instructions and limited to enabled capabilities |
| **User Layer** | Users control capabilities, configure guardrails, and provide oversight |

## Key Security Features

- **Security Agent** - A dedicated background agent that reviews plans and can veto unsafe actions, protecting against prompt injection attacks
- **Access Controls** - Role-based permissions for users and agents
- **Guardrails** - Technical constraints enforced by the platform
- **Audit Trails** - Complete logging of all agent activities
- **Credential Security** - Encrypted storage of secrets and API keys
- **Data Encryption** - AES-256 at rest, TLS 1.2+ in transit

## Compliance

| Standard | Status |
|----------|--------|
| **GDPR** | ✅ Compliant (EU data residency available) |
| **Data Encryption** | ✅ AES-256 at rest, TLS 1.2+ in transit |
| **Access Controls** | ✅ Comprehensive RBAC |
| **SOC 2 Type II** | 📅 Planned |
| **ISO 27001** | 📅 Under evaluation |

## Learn More

For detailed security documentation, see:
- [Security Overview](https://docs.abundly.ai/security/overview)
- [Access Control](https://docs.abundly.ai/security/access-control)
- [Guardrails](https://docs.abundly.ai/security/guardrails)
- [Credentials](https://docs.abundly.ai/security/credentials)
- [Compliance](https://docs.abundly.ai/security/compliance)

## Questions?

For security-specific inquiries, contact us at support@abundly.ai.

Question 3

What subprocessors are used to process data?

Accepted Answer

[our list of subprocessors](/subprocessors)

Layer	Description
LLM Layer	AI models undergo rigorous training to minimize risk
Platform Layer	Security agent, guardrails, and technical access controls
Agent Layer	Behavior driven by instructions and limited to enabled capabilities
User Layer	Users control capabilities, configure guardrails, and provide oversight

Standard	Status
GDPR	✅ Compliant (EU data residency available)
Data Encryption	✅ AES-256 at rest, TLS 1.2+ in transit
Access Controls	✅ Comprehensive RBAC
SOC 2 Type II	📅 Planned
ISO 27001	📅 Under evaluation

Security & Privacy FAQs

What happens to the data I share with the language model?

What security features does Abundly have?

Multi-Layer Security Architecture

Key Security Features

Compliance

Learn More

Questions?

What subprocessors are used to process data?