Trust Center
Security is the foundation of everything we build. Your data protection is our highest priority.
Enterprise-Grade Security From Day One
We built Gemina with security at its core. Your sensitive documents are protected by industry-leading standards and regulatory compliance.
GDPR Compliant
Full compliance with EU data protection regulations. We support data subject access requests, right to erasure, data portability, and maintain transparent data practices.
CCPA Compliant
California Consumer Privacy Act compliance ensures your rights to know, delete, and opt-out. We never sell personal information.
Secure by Design
Security is built into every layer of our architecture, not bolted on as an afterthought. From code to infrastructure, we follow security-first principles.
Defense in Depth
Multiple layers of security protect your data at every stage - from transmission to storage to processing.
Encryption at Rest
All stored data is encrypted using AES-256, the same standard used by financial institutions. Encryption keys are managed through secure hardware security modules (HSMs).
Encryption in Transit
All connections are protected with TLS 1.3 encryption. We enforce HTTPS and regularly test our implementation against industry standards.
Secure Infrastructure
Hosted on enterprise-grade cloud infrastructure with automated security patching, network isolation, and 24/7 monitoring for threats and anomalies.
Access Controls
Role-based access control, API key management, and IP allowlisting. You control exactly who can access your data and from where.
Your Data, Your Rules
Complete control over how your data is stored, processed, and retained. No surprises, no hidden uses.
No Training on Your Data
Your documents are never used to train AI models. We maintain strict separation between customer data and model development.
Data Residency Options
Choose exactly where your data is stored. Select your preferred region or country to meet regulatory and compliance requirements.
Configurable Retention
Set your retention period and data is automatically purged when it expires. Every document has a built-in expiry date - nothing is kept longer than you specify.
Instant Deletion
Delete any document instantly via API or admin console. No waiting, no support tickets - full control to remove data whenever you need.
Zero Retention Mode
For maximum privacy, process documents entirely in memory. Data is immediately deleted after extraction - nothing ever touches permanent storage.
Complete Visibility Into Your Data
Our admin console provides real-time insights into how your data is being processed and accessed.
Admin Console
Everything controlled from one dashboard. Set retention policies, configure data residency, manage users, and view all extractions in real-time. Full transparency and control.
Comprehensive Audit Logs
Detailed logging of all system activities including document uploads, API calls, user actions, and configuration changes. Export logs for your own compliance and security analysis.
Real-Time Visibility
View all extractions as they happen. Track processing status, see results instantly, and access detailed reports. Complete visibility into your document processing pipeline.
Anomaly & Fraud Detection
Advanced AI monitors for suspicious patterns and potential fraud. Automatically flag documents with inconsistencies, unusual characteristics, or signs of tampering for human review.
Questions About Security?
Our security team is here to help. Get answers to your security and compliance questions.