Data Security
How ModelLens handles your models and data
Summary
- Your model files are never used to train any AI system.
- All data is encrypted at rest (AES-256) and in transit (TLS 1.2+).
- Model files are stored in your own isolated storage partition — no other user can access them.
- You can delete any model — or your entire account — at any time, and all associated data is permanently removed.
- Infrastructure runs on Microsoft Azure EU regions.
Your models are never used for training
Uploaded model files, analysis results, and chat conversations are used solely to provide the ModelLens service to you. They are never used to train, fine-tune, or improve any machine learning or AI system — ours or anyone else's. This includes the Perun reasoning engine.
What happens when you upload a model
Upload & storage
Your model file is transmitted over TLS and stored in Azure Blob Storage in an isolated, user-scoped directory (your_user_id/model_id/). No other user has access to your files.
Analysis
ModelLens loads your model into memory, runs inference on synthetic inputs to characterize its behaviour (feature importance, sensitivity, decision boundaries), and generates analysis artifacts (JSON results, charts). No training data is required or extracted.
Chat & Perun
When you chat with Perun, it receives a pre-built summary of the analysis results (a “knowledge card”) — not the raw model weights. Perun's answers are grounded in the computed analysis, not in general assumptions about your model.
Deletion
When you delete a model, all associated files (model weights, scaler, analysis cache, deep analysis results) and chat history are permanently deleted from both Blob Storage and the database. Nothing is retained.
Encryption & infrastructure
| Layer | Protection |
|---|---|
| In transit | TLS 1.2+ (HTTPS) for all API and web traffic |
| At rest (files) | AES-256 encryption via Azure Blob Storage (Microsoft-managed keys) |
| At rest (database) | AES-256 encryption via Azure Cosmos DB (Microsoft-managed keys) |
| Passwords | bcrypt hashing with per-user salt — plaintext passwords are never stored |
| Authentication | JWT tokens with configurable expiry, rate-limited login (10 attempts / 60s per IP) |
| Infrastructure | Microsoft Azure EU regions with standard DPA |
Data isolation
Every user's data is logically isolated at the storage level:
- Model files are stored in user-scoped directories in Azure Blob Storage.
- Database records are partitioned by user ID — queries are scoped to the authenticated user.
- Chat messages are partitioned by model ID and further filtered by user ID.
- There is no shared data space between users. One user cannot access, view, or infer information about another user's models.
Data retention & deletion
| Action | What happens |
|---|---|
| Delete a model | Model file, scaler, exploration cache, deep analysis, and all chat messages for that model are permanently deleted |
| Delete your account | All models (with cascade deletion above), user record, and usage data are permanently deleted |
| Inactivity | Accounts and data are retained while active. We do not currently auto-delete inactive accounts, but may introduce an inactivity policy with advance notice |
You can delete individual models from your dashboard, or delete your entire account from account settings.
What we do not do
- We do not use your models, analysis results, or conversations to train any AI or ML system.
- We do not share your data with third parties, except Microsoft Azure as infrastructure provider under a standard Data Processing Agreement.
- We do not use third-party analytics, advertising, or tracking cookies.
- We do not extract or reconstruct training data from uploaded models.
- We do not retain model files after account or model deletion.
Application security
- CORS: API only accepts requests from explicitly allowed origins.
- Security headers: X-Content-Type-Options, X-Frame-Options (DENY), strict Referrer-Policy, and restricted Permissions-Policy on all responses.
- Upload limits: Maximum 500 MB per model file, 50 MB per scaler file.
- Rate limiting: Authentication endpoints are rate-limited to prevent brute-force attacks.
- Input validation: File type and size validation before processing.
Enterprise & compliance inquiries
If your organisation requires additional security documentation — such as a completed security questionnaire, data processing addendum, or information about self-hosted deployment options — please contact us.
Email: info@zerooneresearch.ai
For the full legal privacy policy including GDPR rights, see our Privacy Policy. For terms of use, see our Terms of Service.