Security & Privacy

Your data stays yours

AI-K is a thin routing layer on top of Microsoft Azure. We meter usage and optimize costs. We never see, store, or log your prompts and completions.

How We Protect You

Security by design

Zero Prompt Logging

We never log, store, or inspect your prompts or completions. Message content stays in memory during processing and is never written to disk or database.

Hashed API Keys

API keys are stored as SHA-256 hashes. Even our own database administrators cannot read your keys. The raw key is shown once at creation, then never again.

TLS Encryption

All traffic between your application and AI-K is encrypted with TLS. We enforce HTTPS in production with HSTS headers.

Azure Infrastructure

Your requests are processed on Microsoft Azure OpenAI — the same enterprise-grade infrastructure used by Fortune 500 companies. AI-K adds routing and metering on top.

Rate Limiting & Protection

Redis-backed per-user rate limiting protects against abuse. Login endpoints have brute-force protection with automatic lockout after repeated failures.

Security Headers

Every response includes X-Content-Type-Options, X-Frame-Options, X-XSS-Protection, Referrer-Policy, and Strict-Transport-Security headers.

Data Flow

How your requests are processed

AI-K sits between your application and Azure OpenAI. We handle authentication, routing, and metering. Your actual data passes through — we don't store it.

1

Your App

Sends API request with your API key

2

AI-K Platform

Validates key, routes request, meters usage

3

Azure OpenAI

Processes the request on Microsoft infrastructure

4

Response

Returned to your app. We log only token count and cost.

Transparency

What we store — and what we don't

We believe in being explicit about data handling. Here is exactly what our database contains for each API request you make.

Token counts (prompt + completion)Stored
Model name and providerStored
Cost per requestStored
Latency (response time)Stored
TimestampStored
API key hash (SHA-256)Stored
Prompt contentNever stored
Completion contentNever stored
Message historyNever stored
User data from your applicationNever stored
Raw API keysNever stored
Infrastructure

Built on Microsoft Azure

AI-K runs on Azure OpenAI Service — Microsoft's enterprise-grade AI infrastructure. Your data is processed within Azure's security boundary with their compliance certifications (SOC 2, ISO 27001, GDPR).

Southeast Asia

Azure Region

99.9% uptime

Provider SLA

TLS 1.2+ in transit

Encryption

Questions about security?

We're happy to discuss our security practices in detail. Reach out to our team for a technical walkthrough.

Contact Security Team