Security & Privacy
Using an AI agent is like adding a junior team member—security and privacy are just as critical. At DrDroid, we prioritize making the experience both . Here’s how we ensure it:
Cloud Platform Security
✅ Self-hosted workers – Your credentials and internal tool access stay within your environment using our self-hosted proxy service.
✅ Data encryption – All data, whether at rest or in transit, is encrypted using robust security protocols.
✅ Enterprise-grade security – Our platform follows best practices, including multi-factor authentication (MFA), continuous vulnerability scanning, penetration testing, and strong network security measures like firewalls.
✅ Compliance & reporting – We uphold strict security compliance standards. Reach out for more details on our compliance framework.
AI & Large Language Models (LLMs)
Deployment
- We work only with trusted vendors that guarantee no data usage for model training.
- For enterprises, we offer dedicated AI instances and private model deployments.
Training & Data Handling
-
We do not fine-tune or train LLMs on customer data.
-
Our platform operates on principles of chaos minimisation, leveraging context from structured sources instead of depending on LLMs:
Tool & Data Access Controls
-
Isolated AI & backend services – The AI agent can request data but cannot execute actions directly. All execution requests pass through a backend review for correctness & safety.
-
Strict workspace-level isolation –
- Each workspace has a unique agent, restricted to its own data and tools.
- Data is accessed only on a need-to-know basis with proper authentication.
Compliance & Certifications
DrDroid is actively pursuing:
- SOC-2
- ISO 27001
For more details, visit our Trust Center.