Security is our core commitment at Langdock, not an afterthought. We built robust processes to keep your data safe, your workspace private, and your information accurate.
Restrictive Access. Access to data at Langdock is strictly limited to essential personnel based on the principle of least privilege.
Layered Security Controls. We use a multi-layered defence strategy to ensure security, providing backup controls in case of a breach.
Consistent Security Controls. We apply consistent security controls across all sectors, ensuring equal protection against threats.
Iterative Implementation. We continuously refine our controls to adapt to the evolving security landscape and improve our posture.
We safeguard your data through secure processing and provide mechanisms for exercising GDPR rights.
Langdock is working towards achieving ISO 27001 certification. This will further ensure the secure handling of our users' data.
Langdock is currently undergoing the 3-month SOC 2 Type 2 audit period with the final certification scheduled for end of 2023.
Data segregation. Data is separated by workspace and organisation using row-level access mechanisms.
Vulnerability scanning. We conduct these scans at critical phases to proactively detect and address any potential security flaws.
Real-time Access Control. Using source system access control to inherit permissions for every external integration into Langdock.
Data encryption. Data & chats at rest is encrypted with AES-256. Data in transit is encrypted with TLS 1.3 using AES-256.
Audit logs. All operations are monitored, recorded and can be analysed in great detail at any time.
Redaction of sensitive information. Information entered into the system is scanned for PII at runtime.
No training data for LLMs. Langdock only uses models where the inputed data is not used for re-training of the models.
Custom data retention. Decide yourself how long we should retain your chat and company data.
Data Hallucination Resistance. We use RAG to provide relevant data and have mechanisms to prevent hallucinations.
At Langdock, we are committed to maintaining the highest standards in our operations. As part of this promise, we consistently assess updates to both regulatory standards and emerging frameworks.
Does Langdock train LLMs with user data?
No. All models we support are stateless which means no data is stored within the model. All context that we provide to a model to generate a personalized result is passed to the model with every request. We currently don’t offer fine-tuning of models but you can already bring your own fine-tuned model!
How does Langdock handle permissions of third-party apps?
We use source system access control to inherit permissions for every external integration into Langdock. This makes sure that users can’t access documents they are not allowed to access.
How long does Langdock store user data?
Admins of a Langdock workspace can choose between different user data retention periods. At the end of the period, we automatically delete the user data. The currently available options are: After 7 days, After 30 days, After 90 days, No retention policy (forever). Our integrations inherit data retention from the source. If a document is deleted in eg. SharePoint, the operation will be propagated in Langdock with the next refresh.
How can Langdock be hosted?
We support several hosting options. Reach out to us and we will find an option that fits your business needs.
Does Langdock support SSO?
Yes. We support enterprise-level Single Sign-On (SSO) for all major identity providers like Azure Entra, Okta, and Okta.
What are the encryption mechanisms used by Langdock?
The data in the database (both vectors and application data) is encrypted at REST with AES-256 and in transit via TLS.