AIgile
SOC 2 Type 2 infrastructure · No AI training on your data

Your documents stay
yours.

Construction contracts and dispute documents are commercially sensitive. AIgile is built on enterprise-grade cloud infrastructure with clear, honest data practices — not marketing language.

Enterprise enquiry →Try AIgile free
AI infrastructure
SOC 2 Type 2
Certified provider
Document storage
SOC 2 Type 2
ISO 27001 certified
App hosting
SOC 2 Type 2
ISO 27001 certified
Identity
SOC 2 Type 2
Certified provider
AI training
Never
Your data stays yours
How we protect your data

Security built in, not bolted on.

🔒

Encryption at rest and in transit

All data is encrypted at rest using AES-256 and in transit using TLS 1.2 or higher — across every system in our platform. Your documents are never stored or transmitted in plain text.

🚫

Your data is never used to train AI

Documents and submissions you upload are used solely to generate your analysis. Our AI infrastructure provider contractually prohibits the use of customer prompts and responses to train or improve any foundation model.

🏛️

Enterprise cloud infrastructure

AIgile is built entirely on enterprise-grade cloud providers — each independently SOC 2 Type 2 certified and ISO 27001 certified. We do not run our own servers or manage our own data centres.

👤

Identity and access controls

Authentication is handled by a dedicated SOC 2 Type 2 certified identity provider. Your account data and documents are accessible only to you. Role-based access controls apply across all internal systems.

📋

Audit logging

All platform activity — document uploads, analysis runs, and access events — is logged by our infrastructure providers. These logs are retained for security monitoring and debugging purposes.

🛡️

No data selling or third-party sharing

Your documents, case submissions, and analysis outputs are never sold, licensed, or shared with third parties — including advertisers, data brokers, or other businesses.

Plain English

What we don't do with your data.

We do not sell your data.
Your documents, case submissions, and analysis results are never sold or licensed to any third party, including advertisers, data brokers, or other businesses.
We do not use your documents to train AI.
Content you upload is processed to generate your output only. Our AI infrastructure provider contractually prohibits using customer inputs and outputs to train or improve foundation models. This is not a policy choice we make — it is a binding contractual commitment from our provider.
We do not share your data with other AIgile users.
Your projects, contracts, and cases are siloed to your account. No other customer can see your data.
We do not claim Australian data residency we cannot guarantee.
We will be direct: our current AI processing infrastructure operates out of the US East region. Document storage uses cloud infrastructure on AWS. If Australian data residency is a hard requirement for your organisation, please contact us before signing up — we want to be honest about what we currently offer.
Honest limitations

What we can and can't promise right now.

Our security posture is only as strong as the weakest provider in our stack. We believe in telling you what that means in practice rather than overstating our protections.

✓ We can commit to
AES-256 encryption at rest across all providers
TLS 1.2+ encryption in transit across all providers
No use of your data to train AI models
No selling or sharing your data with third parties
All providers independently SOC 2 Type 2 certified
Your data is siloed from other users
Data deletion on request
⚠ Current limitations
AI processing occurs on US East infrastructure — not Australian
Interaction logs are retained by our AI orchestration provider for monitoring purposes
We are not currently ISO 27001 certified at the application level (though our providers are)
Australian data residency is not available in the current standard tier
We do not yet offer customer-managed encryption keys
Common questions

Security FAQs

Is my data used to train AI models?
No. Our AI infrastructure provider (Amazon Web Services Bedrock) contractually commits that customer prompts and completions are not used to train or improve any foundation model, and that data is not shared with model providers. This is documented in AWS's service terms.
Where is my data stored?
Your uploaded documents are stored on enterprise cloud infrastructure. AIgile's AI processing uses AWS infrastructure in the US East / global region. Document storage uses a cloud database provider running on AWS infrastructure. We do not currently offer Australian-region data residency — if this is a requirement for your organisation, please contact us.
Who can see my documents?
Only your account can access your documents through the AIgile platform. Our engineering team does not have standing access to customer documents. Any access by AIgile personnel for support purposes would require your explicit consent and is logged.
Are interaction logs retained?
Our AI orchestration infrastructure logs workflow executions for monitoring and debugging purposes. These logs are retained by that provider and are not used to train AI models. We do not retain the full text of your uploaded documents longer than necessary to produce your analysis output.
What certifications do your cloud providers hold?
Every infrastructure provider in our platform holds SOC 2 Type 2 certification. Several also hold ISO 27001 certification and HIPAA compliance. We do not publicly name our specific providers to limit our security surface area, but we are happy to discuss this in more detail for Enterprise procurement.
What happens to my data if I close my account?
You can request deletion of your data at any time. We will confirm deletion in writing within 30 days. Please refer to our Privacy Policy for full details on retention and deletion.
Do you offer a Data Processing Agreement?
Yes. Enterprise customers can request a DPA covering data flows, sub-processors, retention, and deletion rights. Contact us to begin that process.

This page describes AIgile's current data handling practices in plain English. It is not a substitute for our Privacy Policy or Terms of Service, which contain the legally binding terms. Security practices are reviewed regularly and this page will be updated as our infrastructure evolves. For Enterprise data processing enquiries or to request a Data Processing Agreement, please contact us.

Questions about how we handle your data?

We're happy to walk you through our infrastructure and data practices in detail — especially for Enterprise procurement or organisations with specific data handling requirements.

Get in touchTry AIgile free