Security & Compliance
Enterprise-grade security for every document
Your documents contain confidential data — contracts, patient records, financial reports, privileged communications. Ellon AI is built so that data never leaks, never trains a model, and never leaves the EU.
GDPR Compliant
All data processing complies with the EU General Data Protection Regulation. Infrastructure is hosted exclusively in EU data centres. Data processing agreements available for enterprise customers.
Zero Data Retention
Documents and translation results can be deleted immediately after download. No copies are kept. On paid plans, retention is capped (1–30 days by tier) and can be overridden per job.
SOC 2 Type II
Our infrastructure and processes are audited against the AICPA Trust Services Criteria for security, availability, and confidentiality. Reports available under NDA for enterprise prospects.
ISO 27001
Information security management certified to the ISO/IEC 27001 standard. Annual surveillance audits by an accredited certification body ensure continuous compliance.
Azure EU Infrastructure
All document processing runs on Microsoft Azure data centres within the European Union. No data leaves the EU for processing, storage, or backup.
No Training on Your Data
Your documents are never used to train, fine-tune, or improve any AI model. Each document is processed in an isolated session and discarded according to your retention settings.
How your data is protected
Upload
Documents are encrypted in transit via TLS 1.3. Files are stored in Azure Blob Storage with AES-256 encryption at rest, scoped to your account.
Process
AI model calls use secure API endpoints with no data retention agreements. Your content is processed in an isolated session — never batched with other users' documents.
Download
Results are served over TLS. If zero-retention is enabled, both the source and output files are permanently deleted from storage immediately after download.
Audit
Every document interaction is logged for compliance. Audit logs are retained per your plan's retention window and are exportable for SOC 2 and ISO 27001 evidence.
Frequently asked questions
Are my documents shared with third-party translation providers?+
No. Documents are processed using AI models via secure API calls. Your content is never shared with other customers, open-source projects, or third-party translation agencies.
Where is my data stored?+
All data is stored and processed in Microsoft Azure data centres within the European Union. For Enterprise customers, dedicated deployment options are available.
Can I get a Data Processing Agreement (DPA)?+
Yes. DPAs are available for all paid plans. Contact us at contact@ellon.ai or through the contact page to request one.
Is Ellon AI suitable for processing privileged or confidential documents?+
Yes. Law firms, financial institutions, and government agencies use Ellon AI for confidential document translation. Zero data retention ensures no copies persist after download. SOC 2 Type II and ISO 27001 certifications provide the audit trail regulated industries require.
Does Ellon AI comply with HIPAA?+
Ellon AI's zero data retention mode and encryption controls support HIPAA-compliant workflows. For covered entities requiring a Business Associate Agreement (BAA), contact us to discuss Enterprise deployment options.
Need a dedicated deployment?
Enterprise customers can run Ellon AI in a dedicated Azure environment with custom retention policies, SSO, and a signed DPA. Start with a free trial to evaluate, then talk to us about your security requirements.