Saphira Security, Compliance & Privacy Overview

Last Updated: January 2025

Saphira is a real-time safety-compliance monitoring platform that can be deployed fully on-premises (local) or in the cloud, offering customers choice over data residency, operational control, and compliance posture. This document outlines:

  1. Our deployment tiers
  2. Their respective security properties and compliance levels
  3. Our human-in-the-loop review processes to guard against AI "hallucinations"
  4. How we manage external-vendor data agreements
  5. Our overarching data-privacy commitments
  6. Next steps and rapid certification support

1. Deployment Tiers

Tier: On-Premises
Description: Installed entirely within the customer's own datacenter.
Key Characteristics:
  • No external network calls
  • Customer-managed infrastructure and backups
  • Full visibility into every component

Tier: Private-Cloud (VPC)
Description: Hosted in a customer-owned VPC (AWS/Azure/GCP).
Key Characteristics:
  • VPC isolation
  • Customer IAM and network controls
  • Option for shared-services integration

Tier: Public-Cloud (SaaS)
Description: Hosted by Saphira in our secured data centers.
Key Characteristics:
  • Encrypted multi-tenant environment
  • Industry-standard perimeter defenses
  • High-availability SLAs

2. Security Properties

2.1 Data Residency & Isolation

  • On-Prem: All binaries, data, and logs remain in your facility.
  • Private-Cloud: Runs in your dedicated VPC; you control subnet, firewall, and peering.
  • Public-Cloud: Tenant data logically isolated; you retain sole access to encryption keys.

2.2 Encryption

  • In Transit: TLS 1.2+ for all API/UI communications.
  • At Rest: AES-256 encryption of embeddings store, audit logs, and optional input/output logs.

2.3 Access Control & Sandbox

  • RBAC: Fine-grained roles (Admin, Auditor, Read-Only, Integrator) ensure least-privilege.
  • API Tokens: Scoped to specific actions (e.g., read-only on Jira extracts, write-only to gated sinks).
  • Agents: Run in isolated containers with no outbound access beyond configured endpoints.

2.4 Audit & Logging

  • Event Logging: All data accesses, retrievals, model runs, and admin actions are recorded (with client permission).
  • Immutable Audit Trails: Logs protected via append-only ledger; can be forwarded to your SIEM.

2.5 Rate-Limit Handling & Scheduling

  • Adjustable batch-indexing windows (overnight/weekends) and inter-query back-off.
  • Client-configurable rate-limit parameters to align with existing infrastructure SLAs.

3. Human-in-the-Loop Review & Hallucination Mitigation

To ensure AI-driven analyses never compromise critical safety outcomes, Saphira enforces multi-stage, human-centric validation workflows:

3.1 Automated Confidence & Red-Flagging

  • Every AI inference includes a confidence score and uncertainty indicators.
  • Potentially low-confidence findings or unexpected traceability links are automatically flagged.

3.2 Safety Engineering Team Oversight

  • Our in-house safety engineers review all AI-generated risk assessments, hazard mappings, and requirement traceability outputs before any client-facing report is finalized.
  • Hallucination checks: Outputs are cross-referenced against source documents and system logs.

3.3 Client Collaboration & Sign-Off

  • Key deliverables (e.g., updated hazard analyses, requirement dependencies) are routed through client-configured review queues.
  • Clients can assign their own safety-engineering or QA leads to inspect and approve any AI-suggested changes prior to deployment or regulatory submission.

3.4 Immutable Review Records

  • Each human review step is logged with reviewer ID, timestamp, and decision rationale.
  • These records feed into the audit trail, ensuring full accountability and traceability of every change.

3.5 Continuous Feedback Loop

  • Post-deployment safety findings or audit observations are fed back into our process, refining both AI-model prompts and human checklists to reduce recurrence of false positives or hallucinations.

4. External Vendor & Data Agreements

4.1 Data Processing Addendum (DPA)

  • Commits Saphira to GDPR-, CCPA-, and PIPEDA-compliant processing as a processor.
  • Defines sub-processor lists, breach-notification timelines, and data-subject rights support.

4.2 Third-Party Vendor Controls

  • Any subcontractors (e.g., cloud-hosting, managed-service providers) adhere to identical security controls and audit rights.
  • Annual vendor risk assessments and continuous monitoring.

4.3 Minimal-Scope Integrations

  • External systems (Jira, Jama, PLM tools) interfaced via read-only extract connectors or gated write sinks.
  • All tokens and credentials are scoped to the narrowest set of permissions required.

5. Data Privacy & Model-Training Commitments

5.1 No Central Model Training on Client Data

We use open-source LLMs and embedding models that are never fine-tuned with customer data.

5.2 No Central Data Collection

We do not aggregate or store client data in our cloud for model development or analytics. All processing strictly serves each customer's own use of Saphira.

5.3 Customer-Exclusive Usage

Client data and derived artifacts (embeddings, audit logs) are used solely to deliver Saphira's services back to that client. We never monetize, share, or re-use your data across customers.

6. Next Steps & Certification Support

If a customer requires:

  • A self-classification memo (e.g., EAR99) for export compliance
  • A SOC 2 or ISO 27001 certification letter
  • A customized security-control matrix

...our team can deliver these artifacts within 2–4 weeks. We can also accelerate ISO 42001 (AI-governance) or other audits if needed. Please let us know your priorities, and we will assemble the necessary documentation and schedule any required workshops or technical deep dives.

For questions about security, compliance, or privacy, please contact us at security@saphira.ai or compliance@saphira.ai.
