---
title: "How is my data secured when using Ketryx AI features?"
description: "Ketryx upholds enterprise-grade security standards, validated through SOC 2 Type II. The description below provides a technical overview of our data handling and security, focusing on how customer data interacts with our optional AI and Large Language Model (LLM) features. 1\\."
category: "Frequently Asked Questions"
section: "Ketryx Agents and Assistant"
keywords: ["ai features", "llm", "response", "zero", "secure", "data", "security", "type ii"]
source_url: "https://support.ketryx.com/hc/en-us/articles/40700429234317-How-is-my-data-secured-when-using-Ketryx-AI-features"
last_reviewed: 2026-06-11
---

# How is my data secured when using Ketryx AI features?

> **In short:** Ketryx upholds enterprise-grade security standards, validated through SOC 2 Type II. The description below provides a technical overview of our data handling and security, focusing on how customer data interacts with our optional AI and Large Language Model (LLM) features. 1\.

Ketryx upholds enterprise-grade security standards, validated through SOC 2 Type II. The description below provides a technical overview of our data handling and security, focusing on how customer data interacts with our optional AI and Large Language Model (LLM) features.

#### **1\. Data Flow for AI/LLM Processing**

The use of AI features in the Ketryx platform is **entirely optional**. When enabled for tasks like document analysis or semantic search (RAG), your data follows a secure, zero-trust path:

1. **Secure API Call:** The specific data snippet is transmitted securely through HTTPS to the API endpoint.
2. **Zero-Retention Processing:** The call is directed exclusively to zero-data-retention endpoints at our LLM providers. This contractually guarantees **your data is never stored by the LLM provider or used for model training.** It is used only for the immediate API transaction.
3. **Secure Return:** The result (e.g., a summary or vector embedding) is returned to Ketryx and **stored entirely within your secure environment.** The original data snippet does not persist outside Ketryx.

This process ensures your data remains protected from long-term storage or training use by any third-party model provider.

#### **2\. Audit, Monitoring, and Logging**

As validated by our SOC 2 Type II report, Ketryx employs comprehensive controls for platform security and integrity:

- **Monitoring & Alerting:** We monitor infrastructure for suspicious activity (CC7.1) and use automated alerts to ensure timely investigation by our personnel.
- **Incident Response:** A formal, annually-tested Incident Response Policy (CC7.4) ensures an effective and orderly response to any security incidents.

These controls provide continuous oversight and active protection for your data.

## Related articles

- [Do Ketryx Agents train on our data?](do-ketryx-agents-train-on-our-data.md)
- [Is Ketryx SOC 2 Type II certified? Is Ketryx SOC 1 and SOC 3 certified?](is-ketryx-soc-2-type-ii-certified-is-ketryx-soc-1-and-soc-3-certified.md)
- [Can I use Ketryx to create an agent that connects to a Large Language Model (LLM) via API or MCP to generate documents like grant applications, FDA pre-submission documents, or 60601 testing checklists? Can this agent use my data in Ketryx as well as the](can-i-use-ketryx-to-create-an-agent-that-connects-to-a-large-language-model-llm.md)
- [How do I enable AI in Ketryx?](how-do-i-enable-ai-in-ketryx.md)
- [How often does Ketryx backup our data?](how-often-does-ketryx-backup-our-data.md)
