Governance Overview
How NovaceneAI® Safeguards the Privacy and Security of Customer Data
Security, Privacy & Governance at a Glance
The NovaceneAI Platform is designed to operate within rigorous governance, compliance, and oversight frameworks. Engineered for regulated environments from the ground up, it combines third-party audited data privacy controls, flexible deployment options, robust access controls, and comprehensive AI governance. Together, these capabilities ensure that the platform not only accelerates AI adoption but also meets the requirements of security‑sensitive, highly regulated, and mission‑critical environments.

Compliance & Certifications
The NovaceneAI Platform is SOC 2 Type II compliant. The platform and the company’s practices are regularly monitored and independently audited to confirm that its systems and processes meet strict criteria for data security, availability, and confidentiality. This independent audit validates that controls are well-designed and consistently enforced to securely manage customer data, mitigate risk, and protect sensitive information. Compliance attestation is available upon request.

Data Privacy & Security
Data Ownership
Customers retain ownership of their data and any outputs derived from it. Processing is limited to delivering contracted services under agreed terms and controls. Customer data is not used or disclosed for any other purpose, including secondary or unrelated processing.
Data Encryption
Customer data is encrypted in transit (TLS 1.2–1.3) and at rest (AES‑256 or stronger). Keys and cryptographic materials are managed under documented controls with restricted access. These encryption controls are subject to independent audit and ongoing verification.
Backup & Disaster Recovery
Backups are centrally orchestrated with defined cadence and retention, and stored redundantly within the selected region across independent fault domains. This ensures recoverability through restorations in accordance with RTO and RPO objectives.

Deployment & Hosting Models
The NovaceneAI Platform supports flexible hosting options. The platform can be deployed on premises or within a customer-managed cloud environment. The platform is fully containerized, which makes it deployable onto any cloud and interoperable across multiple clouds.
On-Prem & Customer-Managed Cloud
On-premises and customer-managed cloud deployments ensure the NovaceneAI Platform is installed within the customer’s cloud account and governed by internal IT policies. Data and workloads remain within the customer’s environment under existing security and compliance controls.
Single Tenant Hosting
A dedicated, single-tenant, private environment in which customer data is isolated from other customers’ data. Available with leading cloud service providers (CSPs)—including Azure, AWS, GCP, and Oracle Cloud—this model offers privacy advantages over multi-tenant SaaS products.
Air-Gapped / Offline
Available for customers that require complete, continuous isolation from the public internet. Operates with no external connectivity and uses controlled, auditable processes for software updates and data transfer, with change‑control procedures enforced to maintain isolation.





Access Control & Auditability
The NovaceneAI Platform enforces granular role- and group-based access controls that restrict data visibility and permitted operations for authenticated users, supporting separation of duties and least-privilege assignment. Administrative and user activity is logged with user, action, and timestamp for authorized review. Together, these controls enable secure distribution of data, insights, and permissions and provide continuous operational oversight.

AI Governance
Organizations gain full transparency into how data is processed, how models make decisions, and how outputs are generated — ensuring every AI insight is explainable, auditable, and aligned with business context.
AI Provider Choice
The NovaceneAI Platform supports commercial generative AI providers (e.g., OpenAI, Anthropic, Google), in-cloud models (e.g., Azure OpenAI, AWS Bedrock, Google Gemini), and on-disk models, including open source SLMs and LLMs. Configurations prevent data retention and model training on customer data, while local options operate without external transmission to enhance privacy and cost control. [1]
AI Explainability
The NovaceneAI Platform provides teams with the ability to review human-readable rationales for every AI output produced, supporting trusted AI within regulated operational environments. These rationales provide justifications that help teams understand, trust, and improve AI outcomes on an ongoing basis. The rationales are easily accessible through the platform’s built-in insight visualization dashboards.
AI Observability & Traceability
With NovaceneAI Traces™, teams are able to visualize data lineage as it traverses AI workflows, supporting auditability and continuous improvement. The platform provides visibility into AI orchestration decisions, agent selection, parameters, input context, insights produced, and AI rationales. Every AI output includes a link to its trace, providing easy access to see how each insight was produced.
AI Guardrails
The platform supports governance of outcomes through policy-based business guardrails, including standard operating procedures, playbooks, and contextual policies. This enables organizations to achieve tailored AI outcomes that align with business processes and domain ontologies and provide actionable insights appropriate to operating conditions.
Human-in-the-Loop
The platform provides a built-in capability for business experts to provide structured feedback to the AI directly rather than relying on intermediary teams. This feedback produces auditable updates to AI instructions prior to deployment and allows experts to rate AI accuracy and quality to ensure accountability and continuous improvement.
Ethical AI
Ethical AI practices are applied across planning, design, and implementation to support responsible use in regulated environments. These practices include policy alignment, risk and impact assessment, bias and safety evaluation, documentation and transparency of model behavior, and human-in-the-loop oversight with clear accountability.


[1] Performance and cost may vary between LLM options, including between similar services like OpenAI and Azure OpenAI. On-disk models may require additional compute resources.

Data Sovereignty
International customers wishing to access the NovaceneAI Platform through a hosted SaaS model are able to do so through CSPs, datacenters and regions of their choice. NovaceneAI supports both data residency and data sovereignty, enabling organizations to store and process data within specific geographic jurisdictions. This ensures compliance with local regulations and guarantees that sensitive information remains under the legal protection of the selected country, enabling organizations to meet strict regional data governance requirements.


