Security
Last updated: July 2026
Inflexa comes in two forms, and their security stories are completely different. The open-source software runs on your machine, and we are not in the loop at all. Inflexa Cloud is a hosted service, where we are. This page covers the self-hosted case first, because it is the one most people will use, and then the hosted case.
To report a vulnerability, email security@inflexa.ai.
Self-hosted: we are not in the loop
When you install the open-source orchestrator, your data does not travel to Inflexa. There is no account, no upload, and no telemetry. Analyses run in a container on your own machine and write their outputs to your own disk. The strongest security guarantee we can offer is the one where we are absent from the architecture, and this is it.
The sandbox
Analysis code executes inside a Docker or Podman container that is hardened by default: it runs as a non-root user, all Linux capabilities are dropped, no-new-privileges is set, input files are mounted read-only, and outbound network access is denied unless you explicitly allow it. That last one matters: by default, code the agent writes cannot phone anywhere, including to us.
Your model, your key
The self-hosted software talks to whichever model provider you configure, Anthropic, or any OpenAI-compatible endpoint, including a model you host yourself, using your own API key. Those requests go from your machine to your provider. They do not pass through Inflexa, and we cannot see them. Your agreement with that provider governs what they do with the prompt. If you point Inflexa at a locally hosted model, no prompt leaves your machine at all.
Read it yourself
Every claim on this page about the self-hosted software is checkable, because the source is public under Apache 2.0. Your security team does not have to take our word for what the software does over the network; they can read the code before you install it. We think that is the correct standard, and we would rather be held to it.
Inflexa is pre-1.0 software. It has not been through an external security audit. We disclose that here rather than let you discover it later.
Inflexa Cloud: our approach
Everything below this line concerns Inflexa Cloud and the inflexa.ai website, the cases where your data does reach our infrastructure. None of it applies to the self-hosted software.
For security questions about Cloud, or to request documentation, contact us at security@inflexa.ai.
We are still maturing our security program and are transparent about where we are in that journey. If you work with highly sensitive or regulated data, we encourage you to review this page carefully and reach out with any questions. We'd rather you make an informed decision than an uninformed one.
Life sciences data (genomics, transcriptomics, proteomics, clinical records) is heavily regulated, and rightly so. Here is how we think about security:
- Minimize data exposure. We only access the data we need, for as long as we need it. When you bring your own storage, we hold your data only during active processing and retain only metadata and pointers afterward.
- Give customers control. From bring-your-own-cloud deployments to privacy mode, we provide the controls that regulated organizations require.
- Be transparent. This page describes how we handle data today, including areas where we are still improving.
Compliance and assessments
Platform-wide (all plans)
These are organizational certifications and regulations. Once achieved, every customer benefits regardless of plan.
- SOC 2 Type II We have engaged an independent auditor and are implementing the controls required for the Trust Services Criteria (security, availability, confidentiality).
- ISO 27001:2022 We are building an information security management system (ISMS) aligned with ISO 27001:2022 requirements.
- GDPR We are aligning our data processing practices with the EU General Data Protection Regulation, including data subject rights, lawful basis for processing, and cross-border data transfer mechanisms.
Enterprise (per-customer)
These require per-customer legal agreements or validation work and are available on Enterprise plans.
- HIPAA BAA We are implementing the administrative, physical, and technical safeguards required for handling protected health information (PHI). Enterprise customers can sign a Business Associate Agreement (BAA), a per-customer legal contract that governs how PHI is handled.
- 21 CFR Part 11 We support electronic records and electronic signatures controls for FDA-regulated environments. Qualification documentation (IQ/OQ/PQ) is performed per customer deployment.
In the interim, we can provide:
- Our security questionnaire responses
- Details on our current controls and policies
- Architecture documentation for your security review
Contact security@inflexa.ai to request any of these materials.
Data architecture
Inflexa is designed so that your data stays under your control whenever possible. How and where your data is stored depends on which deployment mode you use.
What we mean by "your data"
When we refer to data on this page, we distinguish between:
- Scientific data: Your experimental data: count matrices, sequence files, sample metadata, clinical annotations, analysis results. This is the sensitive data you care most about.
- Platform metadata: Information Inflexa needs to operate: project structure, analysis configurations, user accounts, audit logs, pointers to your files.
- AI context: The prompts, queries, and data excerpts sent to language models during analysis. This may include fragments of your scientific data.
Deployment modes
Inflexa supports two deployment modes, each with different tradeoffs between convenience and data control.
Bring Your Own Storage (BYOS)
You connect your existing cloud storage (AWS S3, Google Cloud Storage, or Azure Blob Storage) to Inflexa. Your scientific data remains in your storage buckets at rest.
- During processing: Data is temporarily loaded into Inflexa's compute environment for analysis. It resides in our cloud only for the duration of the active computation.
- After processing: Results are written back to your storage. Inflexa retains only metadata and pointers (file paths, dataset schemas, analysis provenance), not the underlying scientific data.
- If you disconnect: Metadata and pointers remain in Inflexa for your account records. Your scientific data was never stored by us persistently.
This is the default mode for most customers. You keep your data in your own storage infrastructure while using Inflexa's compute and AI capabilities.
Bring Your Own Cloud (BYOC)
For organizations that require full control over data residency, Inflexa can be deployed entirely within your cloud environment.
- Data never leaves your cloud. Processing, storage, and analysis results all remain within your cloud account and region.
- You control the infrastructure. Compute resources run in your environment under your security policies, VPC rules, and access controls.
- Inflexa manages the application layer. We provide the platform software, updates, and support. You retain control of the underlying infrastructure and data.
BYOC is available on Enterprise plans. Contact us to discuss deployment.
AI and LLM requests
Inflexa uses large language models to power its conversational analysis agents. The models interpret results, suggest analytical approaches, generate code, and explain findings in scientific context.
What is sent to the LLM
When you interact with an Inflexa agent, we construct a prompt that may include:
- Your natural language query or instruction
- Relevant context from your current analysis session (e.g., column names, summary statistics, gene lists, pathway names)
- Analysis results and intermediate outputs
- Metadata about your dataset structure
We minimize the amount of raw data sent in prompts. For example, we send summary statistics and representative samples rather than full datasets wherever possible. However, some analyses require sending data excerpts (such as specific gene expression values or sample annotations) to the model for interpretation.
LLM providers
In Inflexa Cloud, we currently use Anthropic as our sole LLM provider. All LLM requests made by the hosted service go through Anthropic's API.
This is a fact about Cloud, not about Inflexa. The open-source software talks to whichever provider you configure, Anthropic, any OpenAI-compatible endpoint, or a model you host yourself, using your own key, and those requests never touch our infrastructure.
- Anthropic's data usage policy for API customers states that they do not use API inputs or outputs to train their models.
- We have a zero data retention agreement with Anthropic for customers with Privacy Mode enabled.
- All communication with Anthropic's API is encrypted in transit via TLS.
If we add LLM providers in the future, we will update this page and notify affected customers before routing any data to new providers.
BYOC and LLM requests
In Bring Your Own Cloud deployments, LLM requests still leave your cloud environment to reach Anthropic's API. This is currently the only data flow that exits your infrastructure.
Privacy mode
Privacy Mode controls whether your data can be retained by our LLM providers or used for any purpose beyond serving your request.
How it works
When Privacy Mode is enabled:
- We enforce zero data retention agreements with all LLM providers. Prompts and responses are not stored by the provider after the request is served.
- Your data is never used for model training by any provider.
- We do not log prompt contents or model responses on our servers for Privacy Mode users.
Who controls Privacy Mode
| Plan | Privacy Mode default | Can be turned off? |
|---|---|---|
| Personal | Not available | -- |
| Biotech | ON | Yes, org admin can disable |
| Enterprise | ON | Yes, org admin can disable |
Privacy Mode is not available on the Personal plan. It is available on Biotech and Enterprise plans, where it is enabled by default.
Biotech and Enterprise plans give administrators the choice to disable Privacy Mode if their organization's policies allow it and they wish to opt in to potential future features that may require data retention (such as improved model personalization). When an admin disables Privacy Mode, all team members are affected.
We take the Privacy Mode guarantee seriously. When in doubt about a request's privacy status, our systems default to treating it as Privacy Mode enabled.
Infrastructure security
Cloud infrastructure
Inflexa's platform infrastructure is hosted on AWS, with all servers in the United States. We use:
- AWS for primary compute, storage, and database services
- Cloudflare for DDoS protection and CDN
Access controls
- Infrastructure access is assigned on a least-privilege basis
- Multi-factor authentication is enforced for all cloud provider accounts
- Access to production systems is restricted to a small set of team members and is logged
- We use network-level controls (VPCs, security groups) to isolate services
Encryption
- In transit: All data is encrypted using TLS 1.2 or higher, both between your browser and our servers and between our servers and third-party services.
- At rest: All data stored in our infrastructure is encrypted at rest using AES-256 via AWS-managed keys. BYOS and BYOC customers manage their own encryption keys for their storage.
Subprocessors
| Provider | Role | Sees scientific data? |
|---|---|---|
| AWS | Primary infrastructure | Yes, during processing |
| Cloudflare | CDN and DDoS protection | Sees encrypted traffic only |
| Anthropic | LLM provider | Yes, data excerpts in prompts |
| Auth0 (Okta) | Authentication and identity management | No. Receives only authentication credentials |
We do not use any Chinese companies as subprocessors, and to our knowledge none of our subprocessors do either.
Application security
Authentication
Inflexa is accessed through a web interface. We support:
- Email and password authentication with enforced password complexity requirements
- Single Sign-On (SSO) via SAML 2.0 for Enterprise customers
- Multi-factor authentication (MFA)
Authorization
- Role-based access control (RBAC) governs what users can see and do within their organization
- Projects and datasets are scoped to organizations. There is no cross-tenant data access.
- Audit logs track user actions within the platform
Secure development
- All code changes go through peer review, dependency scanning, and automated testing before deployment
- Dependencies are monitored for known vulnerabilities
Account and data deletion
You can request deletion of your account and all associated data by contacting support@inflexa.ai. Upon deletion:
- All platform metadata, analysis configurations, and stored results are permanently removed from our systems
- For BYOS users: metadata and pointers are deleted. Your scientific data in your own storage is unaffected. We never stored it.
- For BYOC users: you retain full control of your infrastructure and data. We remove your account and platform configuration from our systems.
Your data is removed from our active systems within 30 days. Backups are rotated on a 30-day cycle, after which deleted data is no longer recoverable.
Vulnerability disclosures
If you believe you have found a security vulnerability in Inflexa, please report it to security@inflexa.ai.
Our response timeline:
- Acknowledgment within 3 business days
- Initial assessment within 10 business days
- Confirmed vulnerabilities are addressed as quickly as possible, prioritized by severity
We appreciate responsible disclosure and will work with you to resolve any issues.