enterprise · trust
Enterprise Security
Tank treats your research as confidential by default. Here is how we protect it across data, access, infrastructure, and the AI layer.
Data Security
All data at rest is encrypted with AES-256. Traffic is protected with TLS 1.3 end-to-end. Customer data is never shared with third parties or used for cross-tenant model training.
Access Control
Authentication is JWT-based with short-lived 24-hour sessions. Production access requires invite codes; ad-hoc operator actions are written to an append-only audit trail.
Infrastructure
Hosted on a dedicated VPS in Hong Kong with PostgreSQL, daily encrypted backups, and systemd-isolated services. Each component runs under its own user with minimum privileges.
LLM Privacy
All AI calls are routed through a private gateway. Tank uses NovAI and DeepSeek only — never OpenAI, Anthropic, or other third-party providers. No customer prompt is used to train upstream models.
Compliance
GDPR-ready data deletion endpoints, complete audit trail on every mutation, and a documented backup retention policy. PIPL alignment for the China region.
Availability
99.5% uptime target with automated health monitoring. SLO breaches trigger pager alerts via Lark and WeCom; the public status page reflects live operational state.