one step to AI

Trust and security

inteli·one protects your data with three independent layers: EU-region APIs under GDPR Data Processing Agreements, dedicated container isolation per user, and zero-knowledge encryption — the platform operator cannot access your data even with full server access.

How does inteli·one protect your data?

inteli·one protects your data with three independent security layers working together: EU-region API processing under GDPR Data Processing Agreements, dedicated container isolation per user, and zero-knowledge encryption where even the platform operator cannot decrypt your data.

EU-Region APIs with Data Processing Agreements

AI processing uses multiple providers — all under GDPR Data Processing Agreements. Conversational AI, document processing, and voice transcription use Azure OpenAI in an EU region. Image generation uses Google Vertex AI in the EU region. Web search uses Perplexity AI and Google Custom Search proxied through our backend. No provider trains models on your data — processing is strictly transient.

Dedicated Container per User

Each user gets their own rootless Podman container with a dedicated SQLite database. This is dedicated isolation — not shared multi-tenancy. Your conversations, documents, credentials, and agent configurations never share execution space with other users. Account deletion removes the entire container.

Zero-Knowledge Encryption

All credentials and sensitive data are encrypted with password-derived keys using Argon2. The platform uses a three-tier key hierarchy: Azure Key Vault root key, per-user master key, and session keys via HKDF. The platform operator cannot decrypt your data — even with full server access.

What happens when the AI processes your prompt?

Your prompt is sent to Azure OpenAI in an EU region under a GDPR Data Processing Agreement. Microsoft processes it transiently and does not retain your content. Your documents, conversation history, and credentials never leave your encrypted container — only the specific prompt travels to the API.

Prompt leaves your container

When you send a message, the AI assembles context from your container's local data (documents, conversation history, agent memory) and sends only the constructed prompt to the API. Your raw files never leave the container.

Azure OpenAI processes in the EU

The prompt is processed by Azure OpenAI in an EU region under a GDPR Data Processing Agreement with Microsoft. No US data transfer. No training on your data — contractually prohibited.

Response returns to your container

The AI response is returned to your dedicated container, where it is stored in your encrypted SQLite database alongside your conversation history. Only you can access it.

Minimal data retention by the API

Microsoft does not store prompts beyond transient processing and does not use your data for model training. Transient abuse monitoring may occur as required by Azure policy, but no persistent storage of your content takes place. The DPA guarantees this contractually — not just as a policy that can change.

Can the platform operator access my data?

No. inteli·one uses zero-knowledge architecture — your data is encrypted with keys derived from your password. The platform operator cannot decrypt your data, read your conversations, or access your credentials, even with full server access.

Password-derived encryption

Your encryption keys are derived from your password using Argon2, a memory-hard key derivation function. The server never receives your password — it only stores a verification value that cannot be reversed to obtain the key.

Three-tier key hierarchy

Azure Key Vault holds the root key. Each user has a per-user master key (UMK) derived via HKDF. Session keys protect individual data operations. Compromising one layer does not expose data protected by the others.

SRP-6a authentication

Secure Remote Password protocol (SRP-6a). The server verifies your identity through a zero-knowledge proof — it only stores a verification value that cannot be reversed to obtain your password. Your encryption keys are derived locally from your password using Argon2.

Right to be forgotten

Account deletion means container deletion. Your entire execution environment — database, files, credentials, conversation history — is permanently removed. No residual data remains in the main database. This is GDPR compliance by architecture.

Cookie-free platform

inteli·one does not use cookies — no Google Analytics, no third-party tracking pixels, no consent banners needed. Zero data shared with ad networks or analytics providers. One less attack vector, one less compliance burden.

Immutable audit trail

Every action in your workspace is recorded in an immutable audit log with cryptographic integrity proofs. You get full transparency over what happened and when — and no one, not even the platform operator, can alter the record after the fact.

What certifications does inteli·one hold?

inteli·one is GDPR compliant with active supervision by the Polish Data Protection Authority (UODO). EU AI Act implementation is in preparation. ISO 27001 certification is planned for a later development phase.

GDPR

Platform compliant with the General Data Protection Regulation. EU data residency, full export and account deletion from day one.

active

UODO

Data controller is supervised by the Polish Data Protection Authority (UODO). Contact: [email protected].

active

EU AI Act

Implementation of EU Artificial Intelligence Act requirements. Adapting the platform to transparency and AI system identification requirements.

in preparation

ISO 27001

Information security management system certification. Planned for a later stage of platform development.

planned

Where is my data stored?

All AI services are configured for an EU region. User data is stored exclusively within the European Union and European Economic Area.

  • Data controller is subject to Polish law and UODO supervision
  • No data transfers outside EU/EEA without appropriate safeguards
  • Full compliance with GDPR data processing location requirements

Data protection contact:

[email protected]

Platform Availability

inteli·one is committed to maintaining high platform availability. We continuously monitor system health and respond to incidents promptly. Specific uptime commitments will be published after establishing baseline operational data.

Report a Vulnerability

If you discover a security vulnerability in inteli·one, we want to hear about it. We take every report seriously and investigate promptly.

How to report

Send your findings to [email protected]. Please include:

  • A description of the vulnerability and the affected component
  • Step-by-step instructions to reproduce the issue
  • The potential impact or risk
  • Your contact information (optional)

Responsible disclosure

  • Keep your findings confidential until we confirm the issue is resolved
  • Limit testing to proof-of-concept — do not access or modify other users' data
  • Good-faith security researchers are protected under our safe harbor policy. Full details in the Responsible Disclosure Policy

Our commitment

We acknowledge reports within 48 hours, complete triage within 7 days, and deliver fixes within 90 days of a verified report. Full timeline in the Responsible Disclosure Policy.

Legal documents

Privacy Policy

How the inteli.one website handles your data — waitlist, cookies, GDPR rights.

Read

Terms of Service

Terms for using the inteli.one website — scope, intellectual property, liability.

Read

Responsible Disclosure Policy

How to report security vulnerabilities — scope, timeline, safe harbor.

Read