Data Storage & Infrastructure
All data is stored in Google Cloud Firestore (Firebase), hosted in the nam5 (US Central) region. Infrastructure-level SOC 2 and ISO 27001 compliance is provided by Google Cloud.
No. All data is scoped to the individual user's UID at the Firestore document level. It is architecturally impossible for one account to access another account's data. This has been verified in the codebase.
No. Metric scoring, session state, and conversation history are all computed and stored per UID. No cross-account queries or aggregations exist.
User-provided API keys are encrypted using Fernet symmetric encryption before being written to Firestore. Keys are decrypted in memory only at the time of use and are never logged.
Access is limited to the founding team for support purposes only, is logged and auditable, and is never performed routinely. No third parties have access to user conversation data.
Data Use & Training
No. PsiGuard does not use conversation data to train or fine-tune any AI model, for any account type — including free accounts.
Sandbox Evaluation Isolation Model
The following isolation properties have been verified against the PsiGuard production codebase and confirmed in writing. This section is provided specifically for enterprise security reviewers and procurement teams.
| Property | Detail | Status |
|---|---|---|
| Isolation model | Logical isolation at the account and Firestore document level. All data is scoped to the user UID — architecturally enforced in the backend. One account cannot read or write another account's data. | ✅ Confirmed |
| Cross-account data sharing | None. Metric aggregation, session state, and conversation history are all scoped per UID. No cross-account queries exist in the codebase. | ✅ Confirmed |
| Shared caching layer | None. In-memory session state is held in a per-UID dictionary. No Redis or shared cache is in use. | ✅ Confirmed |
| Session statefulness | Monitoring is stateless per session. Each conversation starts fresh with no state carried from other sessions or accounts. | ✅ Confirmed |
| Sandbox account tagging | Evaluation accounts are explicitly tagged with a sandbox flag in Firestore. The PsiGuard console displays a visible Sandbox Evaluation badge for tagged accounts. | ✅ In Place |
| Dedicated infrastructure isolation | Available upon request for enterprise contracts requiring physical database or deployment separation. | 📋 On Request |
Evaluation accounts on PsiGuard are logically isolated at the account and database document level. All data is scoped to the evaluator's unique user ID (UID), and this scoping is architecturally enforced: no cross-account data access is possible. Evaluation data is tagged, visibly badged in the console, and never mixed with production accounts. Dedicated infrastructure isolation (separate Firebase project or private deployment) is available upon request for enterprise contracts with explicit physical separation requirements.
Data Retention & Deletion
Conversation data is retained until the user deletes it. Users can delete individual conversations or their entire account from the dashboard at any time.
Sandbox accounts can be deprovisioned by PsiGuard administrators at any time. All associated data is removed from Firestore upon account deletion. Enterprise customers can request written confirmation of deletion.
Compliance Roadmap
A formal DPA is on the roadmap for Q2 2026. Enterprise customers with immediate DPA requirements should contact the PsiGuard team directly to discuss options.
SOC 2 Type II certification is on the product roadmap. Infrastructure-level compliance is currently provided through Google Cloud's certifications.