Security & architecture
Security by architecture. Not by promise.
The strongest data-protection argument is a data flow you can audit. Here is ours — including what we don't have.
The data flow
Where everything runs.
Every Copilot and every agent we build is deployed into your environment — your cloud tenant or your on-prem hardware. The model weights are static, open-weight files on your disk. Inference happens next to your data. There is no aplexio backend, no phone-home, no telemetry. After handover, nothing in the system talks to us.
┌─ YOUR ENVIRONMENT (tenant / on-prem) ─────────────┐
│ │
│ your systems ──► agent ──► open-weight model │
│ (SAP, CRM, files) │ (static files) │
│ ▼ │
│ answer │
│ │
└───────────────────────────────────────────────────┘
no connection to aplexio infrastructureRoles under GDPR
You stay the controller.
Your data is processed by you, on your systems — you remain the controller in the GDPR sense at all times. Where an engagement touches personal data at all, we act as a processor under a data processing agreement (DPA) we bring to the table. After handover, aplexio is not involved in any processing. During development we work with synthetic and sample data; if a build genuinely requires excerpts of real data, they are anonymized inside your environment first, under a contract addendum.
Design constraints
Five constraints we build under. Every engagement.
No phone-home
Nothing in the deployed system calls aplexio — no updates, no metrics, no “anonymous usage data.”
Open weights only
The model is a file you hold, under a license you can read. No API dependency that can be repriced or revoked.
Reproducible deployment
The runbook we hand over rebuilds the entire system from scratch — your team can redeploy without us.
You retain all data
Inputs, outputs, logs, embeddings — everything the system produces lives and stays in your environment.
Tested model-upgrade path
When a better open-weight model ships, the swap is a documented, tested procedure — not a new project.
Certifications
What we don't have.
aplexio holds no ISO 27001 and no SOC 2 certification, and we won't imply otherwise. Those certifications attest to how a vendor handles your data on their systems. Our architecture is designed so that your data is never on our systems — which is why we point auditors at the deployment in your environment, and hand over the documentation to audit it. If your procurement requires a certified vendor regardless, we'd rather tell you now than after a workshop.
Bring your data-protection officer.
The fit call works with your DPO or IT security in the room — the architecture answers most questions in the first ten minutes.