Our priority:
the security of your data.
Delos empowers your teams to work with leading AI models,
with uncompromising security and privacy wherever you're based.
Sovereign hosting and high availability
Delos offers enterprise-grade hosting with all customer data stored in certified data centers, compliant with international standards. Data is triple-replicated and backed up nightly, with robust disaster recovery plans tested for all regions.
We have business recovery plans (PRA/DRP) to deal with major incidents, regularly tested, with optimized RTOs and RPOs.
Zero training on your data and increased confidentiality
Your data never trains our models and never leaves your secure environment. All AI processes run exclusively within the region chosen by the client, with no storage of prompts or results. Advanced pseudonymization further strengthens privacy.
RGPD compliant
We pay great attention to the protection of personal data and to compliance with legal requirements. We apply a Privacy by Design approach. We have a DPO and specifically train our teams in these challenges. In this way, we facilitate the exercise of people's rights:
- right to be forgotten (cascading complete suppression mechanism, tested regularly);
- right of access to data.
Commitment to transparency
We detail our security measures in our trust center. We regularly carry out audits and penetration tests conducted by independent companies. We are ISO 27001 certified and aim for SOC 2 Type II certification. We are transparent about our data retention periods. In the event of an incident, we are committed to communicating quickly and clearly via:
- our status page;
- a dedicated channel for major accounts.
Secure by design
Security is built right from the start:
- systematic security reviews by experts for each new feature, taking into account the OWASP Top 10;
- regular training of technical teams in good security practices;
- continuous vulnerability scans on our infrastructure and applications;
- complete monitoring stack: activity logs, incident detection, alerting;
- strict application of the principle of least privilege via a centralized IAM;
- Internal ISMS (information security management system) documented and updated regularly;
- internal administration services protected by a VPN and systematic multi-factor authentication (MFA).
