Security & Trust

Built for institutional trust.

TheoAI is designed for classrooms, faculties, and enterprises that must defend scholarly integrity and legal expectations at the same time.

Security pillars

Non-exhaustive overview; your order form and DPA will be the source of truth.

Multi-Tenant Isolation

Logical separation between organizations with least-privilege access and scoped secrets so one tenant cannot read another’s workspace.

Azure Infrastructure

Core services run on Microsoft Azure regions with managed identity patterns, private connectivity options, and monitored boundaries.

No Model Training on Your Data

Conversations are stored to power your features — never used for model training. Operational telemetry is minimized and focused on reliability, not content.

Behavioral Audit Trail

Administrative actions and policy changes emit structured events suitable for review—who changed what, and when.

Human-in-the-Loop

High-stakes workflows can require scholar or admin review before answers leave a controlled boundary.

Data Protection

Encryption in transit and at rest, key hygiene, and data-handling clauses aligned to institutional procurement expectations.

Compliance posture

We align contracts and subprocessors to what schools and enterprises already expect.

  • Data Processing Addenda

    Available for institutional customers with role definitions and subprocessors listed.

  • Student & research data

    Treated with heightened care; retention windows negotiated per deployment.

  • Accessibility & procurement

    We work with your IT and legal teams on questionnaires (SIG, CAIQ-style) as programs mature.

Specific certifications and regional attestations will be published as they are completed; ask for the current roadmap on inquiry.

Infrastructure statement

Plain-language summary of how we think about production boundaries.

TheoAI separates application planes from corpus storage, uses managed services where possible, and defaults to private endpoints for institutional rollouts. Change management is gated; emergency access is rare, logged, and time-bounded. We assume breach: monitoring, alerting, and runbooks exist to contain and notify according to contract.

Standards & certifications

Microsoft Azure

Cloud infrastructure

AES-256

Encryption at rest

GDPR / CCPA

Privacy compliance

SOC 2

Planned