Security
Enterprise-grade security, documented and transparent. Here's exactly how we handle your data during and after every engagement.
What data we access
We only access what you explicitly grant us during an engagement. This typically includes business processes, workflows, documents, and tool access needed to build your AI systems. If we manage ongoing AI operations for you, access continues under the terms of your service agreement. Otherwise, access is revoked at the end of the engagement.
How data is processed
AI processing runs through Anthropic's Claude API. Anthropic does not use your data to train models. Their data policy is published at anthropic.com/privacy. We do not send your data to any other AI provider unless explicitly agreed.
Encryption and access controls
All data in transit is encrypted via TLS 1.2+. Access to client environments is restricted to the engagement team and revoked upon completion. We use role-based access controls and audit logs for all client-facing work.
Data Processing Agreement
A DPA template is available on request for any engagement. We're happy to work with your legal team to align on terms before we start.
GDPR compliance
AI Heroes operates from London and Cologne, both within GDPR jurisdiction. We are fully GDPR compliant. Personal data is processed only where necessary and with a clear lawful basis. Data subject requests are handled within the statutory timeframe.
Your data never trains AI models
This is non-negotiable. Your business data, workflows, documents, and context files are never used to train any AI model — not by us, and not by Anthropic. Claude's commercial API does not use input data for training. Your competitive advantage stays yours.
Skills and context stay in your environment
The AI skills, prompts, and context files we build for you live in your own environment — your machine, your repository, your infrastructure. We don't host or store your AI configuration on our servers. You own it entirely.
Questions about security?
We're happy to walk through our security practices in detail. Get in touch and we'll set up a call.
Get in touch