Infrastructure
Windikate runs on a hardened, multi-tenant cloud architecture with strict logical separation between workspaces. Production access is gated by hardware security keys and audited. Disaster recovery is exercised quarterly with documented RPO and RTO targets.
Data handling
All content you upload is encrypted at rest with AES-256 and in transit with TLS 1.3. Per-tenant encryption keys are rotated on a defined cadence. Access by Windikate personnel is restricted to a small group, requires justification, and is logged.
AI training
Customer content is never used to train third-party base models. Windikate's internal models that classify, extract, or summarize on your data run only within your tenant's processing boundary unless you explicitly opt in to contribute anonymized samples to product improvement.
Identity and access
All plans support strong passwords, optional 2FA, and granular workspace roles. Enterprise plans support SSO/SAML, SCIM provisioning, and IP allow-listing.
Compliance
We maintain SOC 2 Type II controls audited annually. Reports are available under NDA. We support data residency for Enterprise customers in EU and India regions, and a fully private deployment option for funds with strict locality requirements.
Responsible disclosure
If you believe you've found a vulnerability, please report it to security@windikate.ai. We acknowledge reports within one business day and work in good faith with researchers acting under safe-harbor.
Status & transparency
Real-time service health is published at status.windikate.ai. Incidents include a public post-mortem within seven days of resolution.