InnFuse Docs

Security & Compliance

Enterprise-grade security with full compliance coverage

Tenant Isolation

InnFuse enforces strict tenant isolation at every layer of the stack. Data from one tenant is never accessible to another.

Architecture note: Tenant isolation is enforced at the infrastructure level, not the application level. Even a complete application compromise cannot leak data across tenants.

Encryption

InnFuse applies encryption at multiple layers to protect data at rest and in transit.

Layer | Method | Scope
TLS 1.3 | TLS 1.3 | All data in transit between clients, services, and databases
AES-256 | AES-256 | Full disk encryption on all storage volumes
AES-256-GCM | AES-256-GCM | PII fields, API keys, credentials, and sensitive configuration

EU AI Act Compliance

InnFuse implements the requirements of the EU Artificial Intelligence Act for AI systems used in business contexts.

EU AI Act: InnFuse is designed to comply with the EU Artificial Intelligence Act (Regulation 2024/1689).

GDPR Compliance

InnFuse fully complies with the General Data Protection Regulation (EU 2016/679). The following data subject rights are implemented.

Right | Implementation
Right of Access | Data subjects can request a full export of their personal data via the privacy dashboard or by contacting privacy@innfuse.nl.
Right to Erasure | Data subjects can request deletion of their personal data. Erasure is completed within 30 days, with confirmation.
Right to Portability | Personal data can be exported in machine-readable format (JSON, CSV) for transfer to another service provider.
Right to Object | Data subjects can object to AI-based profiling or automated decision-making. Objections are processed within 72 hours.
Data Retention | Configurable retention periods per data category. Default: conversation data 12 months, audit logs 5 years, account data until deletion.

Platform Audit Log

Beyond AI-specific auditing, InnFuse maintains a comprehensive platform audit log covering all administrative actions.

Audit logs are retained for a minimum of 365 days. Enterprise plans support custom retention periods up to 10 years.

AI Audit Trail

Every AI interaction is logged in an immutable audit trail for compliance and debugging purposes.

Audit logs are retained for a minimum of 5 years in accordance with regulatory requirements. They can be exported in JSON or CSV format via the API.

Event Type | Data Logged
Tool execution | Tool name, input parameters, output, execution time, security level, agent ID
Knowledge base search | Query text, matched articles, relevance scores, agent ID
Agent handoff | Source agent, target agent, reason, conversation ID, context transferred
Tool approval request | Tool name, parameters, requesting agent, approver, decision, response time
Escalation event | Reason, source agent, target (agent or human), conversation context

Tool Security Levels

Every tool in InnFuse is assigned a security level that determines whether human approval is required before execution.

Safe

Read-only operations with no side effects. Executed automatically without approval.

Elevated

Actions that modify external data. May require approval depending on configuration.

Dangerous

Destructive or irreversible actions. Always requires human approval before execution.

Important: Custom tools default to Elevated security level. Always review and set the appropriate security level when creating new tools.
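
The following is an added example, not InnFuse code: a minimal approval gate that applies the three security levels described above and records the "Tool approval request" and "Tool execution" fields listed under AI Audit Trail. The class names, the elevated_needs_approval switch, the approver callback, and the audit record keys are assumptions made for illustration.

```python
import time
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable

class Level(Enum):
    SAFE = "safe"
    ELEVATED = "elevated"
    DANGEROUS = "dangerous"

@dataclass
class Tool:
    name: str
    run: Callable[[dict], object]
    level: Level = Level.ELEVATED  # custom tools default to Elevated

@dataclass
class Gate:
    elevated_needs_approval: bool = True  # assumed configuration switch
    audit: list = field(default_factory=list)  # in-memory stand-in for the audit trail

    def needs_approval(self, tool: Tool) -> bool:
        if tool.level is Level.SAFE:
            return False  # read-only, runs automatically
        if tool.level is Level.ELEVATED:
            return self.elevated_needs_approval  # depends on configuration
        return True  # Dangerous: always, regardless of configuration

    def execute(self, tool, params, agent_id, approver=None):
        # approver: hypothetical callable(tool_name, params) -> (approver_id, bool)
        if self.needs_approval(tool):
            t0 = time.monotonic()
            # No approver available means denied: the gate fails closed.
            who, ok = approver(tool.name, params) if approver else (None, False)
            self.audit.append({
                "event": "tool_approval_request", "tool": tool.name,
                "parameters": params, "requesting_agent": agent_id,
                "approver": who, "decision": "approved" if ok else "denied",
                "response_time_s": time.monotonic() - t0})
            if not ok:
                raise PermissionError(f"{tool.name}: approval denied")
        t0 = time.monotonic()
        output = tool.run(params)
        self.audit.append({
            "event": "tool_execution", "tool": tool.name, "input": params,
            "output": output, "execution_time_s": time.monotonic() - t0,
            "security_level": tool.level.value, "agent_id": agent_id})
        return output
```

The denial is written to the audit list before the exception is raised, so a refused request leaves a record even though the tool never runs.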