Security and Privacy
at Langdock.
Security is our core commitment at Langdock, not an afterthought. We built robust processes to keep your data safe, your workspace private, and your information accurate.
At Langdock, we establish robust security protocols, conduct consistent evaluations to ensure their effectiveness, and transparently demonstrate our adherence to these protocols to independent auditors.
Restrictive access
Access to data at Langdock is strictly limited to essential personnel based on the principle of least privilege.
Layered Security Controls
We use a multi-layered defense strategy to ensure security, providing backup controls in case of a breach.
Consistent Security Controls
We apply consistent security controls across all sectors, ensuring equal protection against threats.
Iterative Implementation
We continuously refine our controls to adapt to the evolving security landscape and improve our posture.
GDPR-compliant
We safeguard your data through secure processing and provide mechanisms for exercising GDPR rights.
SOC 2 Type II
Langdock is SOC 2 Type II compliant, proving our secure handling of user data and adhering to strict and vetted security processes.
ISO 27001
Langdock is ISO 27001 certified, which ensures the integrity of customer data, minimizes risks, and guarantees service continuity.
“Langdock's data security controls ensure that our data remains safe when working with LLMs.”
Sebastian Schleicher
CTO, Blinkist
No model training
Your data is never used for the training of models, not by us or any of the model providers on the platform.
Encryption of data
Data is encrypted both in transit and at rest. For encryption we use AES-256 and enforce at least TLS 1.2 for all connections.
Custom data retention
We apply consistent security controls across all sectors, ensuring equal protection against threats.
Penetration testing
We conduct regular penetration testing by an independent 3rd party to ensure our security posture is up to date.
Vulnerability scanning
The Langdock platform is continuously scanned for vulnerabilities, both on the infrastructure and application level.
Vendor management
We regularly review our vendors and sub-processors to ensure a compliant data processing.
Managed devices
All devices processing customer data have a security profile installed, use hardware encryption and are managed by an MDM solution.
Security training
All employees regularly undergo security training, with a focus on compliant data handling and secure engineering.
Compliance audits
The compliance of our company policies with the industry standards is regularly assessed by independent external auditors.