Your organizational data is walled off by architecture, deployed in the region the law requires, and watched by a security layer that flags sensitive fields the moment they arrive. AVA never shares it with an outside model.
When you register, we verify your location and deploy your tenant in the right region from the very first sync. Organizations outside North America are routed to our European Union servers, so EU data stays in the EU. No migration, no checkbox to remember. The routing is automatic, and it is the architecture.
Your region is decided at registration and applied to every tenant, sync, and AI operation from day one.
Tenants outside North America run on our European Union servers, aligned with GDPR expectations for where personal data is processed and stored.
Residency is enforced by where your tenant is deployed, not by a toggle a teammate could flip by accident.
When a platform connects, Mithril scans for personal and sensitive information and proposes how to protect it. It begins in shadow mode, logging what it would do, so you can review every decision before any masking is enforced.
Eight categories of sensitive data, from contact details to financial and medical fields, identified by name and by pattern as data lands.
From "show last four" to full redaction and numeric range buckets, with sensible presets for phones, emails, names, and salaries.
Watch what would be masked or blocked before anything is enforced. You turn on enforcement when you are ready, not before.
Every organization gets its own database. Every query touches only your collections. Cross-tenant access is impossible, enforced at both the application and the database layer, and AVA is locked to a single organization per conversation.
Credentials are encrypted at rest and scoped to your workspace. They are never shared across tenants, and sensitive values are stripped from results before they ever reach the AI or your screen.
Security-relevant events are logged with the actor, the context, and a retention window, so you can show an auditor exactly how a piece of data was handled and by whom.
Connections, disconnections, and policy changes are kept permanently. The trail is built to satisfy compliance and verify billing at the same time.
Walk through residency, isolation, and Mithril on a call, against your real compliance requirements.