Your Data, Your Control
Team-level data isolation enforces ownership boundaries on every request. You control who has access and can delete conversations and project data at any time.
Built for the instance your reviewer is about to audit.
Phyllis is engineered so the control, the trail, and the data all stay where they started — inside your organisation. Here is how.
Posture
Six promises, enforced by construction.
Zero Data Retention
Enterprise agreements with our AI provider guarantee zero data retention. Your data is never stored by the LLM and never used for model training.
Encrypted by Default
All credentials encrypted at the application layer before storage. TLS in transit, secure cookies, strict session management in production.
Enterprise Authentication
SAML 2.0 SSO for Okta, Azure AD, and Google Workspace with domain-based enforcement. Role-based access separates developer, analyst, and stakeholder permissions.
Secure Infrastructure
Hosted on hyperscaler infrastructure. Single trusted AI provider (Anthropic Claude API). Data minimization sends only relevant context per request — no data leaves the secure pipeline.
Working Toward Compliance
Pursuing SOC 2 Type II and ISO 27001 certification. Audit logging tracks all configuration changes. Contact us for current security posture details.
Request
Need the full posture document?
We maintain a live security posture record — current certifications in progress, sub-processors, data flow diagrams, and the answers reviewers keep asking. Email the trust team and we will send it back the same working day.
Implement n
w.
