Sign In

Security

IntroductionAll your notes are privateUsing AI models through corporate contracts with Microsoft, Google, and AnthropicData Protection and StorageAccess Control and AuthenticationConfidentiality Pledge

Introduction

LilysAI users entrust LilysAI with millions of data and notes. This trust is based on LilysAI’s data security and safety. The information on this page is intended to provide transparency into LilysAI’s data protection practices. We plan to continue to expand and update this information as new security features are added and security improvements are made to our products.

All your notes are private

All of your notes remain private by default.
It will not be accessible to outsiders until you change it to public status by clicking the 'Share' button.
The PDF, video, and audio files you upload will not be disclosed externally.

Using AI models through corporate contracts with Microsoft, Google, and Anthropic

LilysAI uses AI models through corporate contracts with Microsoft, Google, and Anthropic, so user-inputted data is not used to train the AI ​​models and is safe.
Microsoft, Google, and Anthropic comply with the following policies.
We store customer data encrypted and using FIPS 140-2 compliant 256-bit AES encryption by default.
Customer data is not used to improve Microsoft products or services, improve AI models, etc.
Complies with industry and regional regulations including HIPAA, GDPR, SOC 2, etc. FedRAMP High certified to handle sensitive non-classified U.S. government data

Data Protection and Storage

Encryption: Your data is stored in Amazon Web Services (AWS) RDS and is encrypted both in transit and at rest to keep it secure.
Data Backup: Customer data is backed up periodically and a recovery plan is in place to protect against data loss.

Access Control and Authentication

Strong authentication: Only authenticated users can access your system using Firebase Auth. Each customer account has its own unique authentication process, ensuring that your customer credentials are kept secure.
Role-based access control: Access rights are set differently depending on user roles, so that only users with the necessary rights can access sensitive information.

Confidentiality Pledge

All LilysAI internal staff members sign a confidentiality agreement to ensure that they do not leak client information.


SOC2 Type II certification in progress
SOC 2 is a cloud service security certification framework established by the American Institute of Certified Public Accountants (AICPA) that evaluates the level of control over overall service operations based on five trusted service criteria: security, availability, process integrity, confidentiality, and privacy. Among these, Type II is a certification that verifies through external audits that security controls have been effectively operated over a certain period, and it has established itself as the most stringent security standard required by global enterprise companies when selecting partners.
LilysAI is currently undergoing the SOC 2 Type II certification process and is striving to safely protect customer data by establishing an enterprise-grade security operating system.
Made with Slashpage