# Security at Sunbeam

Canonical URL: https://sunbeam.cx/security

## Your data stays yours. Always.

We process your feedback securely and privately. We never use your data to train external models or share it with third parties.

## Core principles

- **You own your data.** Export or delete it at any time. Deletions propagate across all systems within 30 days.
- **Stored in the EU.** All data is hosted in GDPR-compliant AWS infrastructure in Ireland (eu-west-1).
- **Encrypted by default.** AES-256 at rest, TLS 1.2+ in transit. This includes backups and logs.
- **Strict access controls.** Role-based access, full audit logs, and mandatory MFA across internal tools. Production systems sit behind a private network.
- **Backed up continuously.** Hourly backups to a separate AWS account and availability zone.
- **No training. No mixing.** Your data is never used to train models, never shared between customers, and never sent to third-party AI services unless you explicitly request it.

## Need more detail?

Security documentation and DPAs are available on request.

- [Request security documentation](mailto:security@sunbeam.cx)
- [Talk to us](https://sunbeam.cx/contact)