Security
Security
How Skytells protects your data, infrastructure, and API access at every layer.
Security at Skytells
Skytells is designed with security at its core. Every layer of the platform — from network infrastructure to API authentication to data handling — follows defense-in-depth principles to protect your data and workloads.
Secure by Design
Encryption, authentication, network isolation, and compliance certifications.
Data Retention
How prediction outputs are handled, retained, and automatically purged.
Core Principles
| Principle | Description |
|---|---|
| Zero Trust Architecture | Every request is authenticated and authorized regardless of origin. No implicit trust. |
| Data Minimization | We collect only the data necessary to process your requests and maintain your account. |
| Ephemeral Processing | Prediction inputs are not logged. Outputs are automatically purged after a short retention window. |
| Encryption Everywhere | All data is encrypted in transit (TLS 1.3) and at rest (AES-256). |
| Regional Processing | Inference workloads execute in the region closest to the request origin. Data does not cross regions. |
Quick Reference
| Topic | Summary |
|---|---|
| Transport encryption | TLS 1.3 enforced on all API endpoints |
| Storage encryption | AES-256 for all data at rest |
| Authentication | Bearer token (API key) per request |
| Output retention | 5 minutes after prediction completion |
| Input logging | Prompts and inputs are never logged or stored |
| Training on your data | Never — Skytells does not use customer data for model training |
| Compliance | SOC 2 Type II, ISO 27001 |
For information about how Skytells handles your personal data and complies with privacy regulations, see the Privacy section.
How is this guide?