RGX intercepts every payload before it hits an LLM — scrubbing PII, PHI, and financial identifiers in real-time. Tenant data is isolated at the data layer. Every redaction is logged to an immutable compliance event trail. Every API key is SHA-256 hashed. No plaintext credentials stored. No payload content persisted. This is what zero-leakage means in practice.
POST /api/v1/process call. Identifiers replaced with sequentially numbered tokens ({{REDACTED_PHI_1}}, {{REDACTED_FIN_2}}) before any LLM call or database write. Token map is never stored — raw values discarded immediately after the scrub pass.client_ref workspace is isolated at the database query level — not application-layer logic. A sub-key issued for Tenant A cannot access Tenant B's data. Cross-tenant access returns 403 at the infrastructure level before any query executes.compliance_redaction_events: event_id, node_id, tenant_id, seat_id, industry, redaction_count, token_namespace, and created_at. This log cannot be modified or deleted by API. It is the evidence trail auditors point to.LICENSE_KEY JWT — no outbound RGX network calls. Full deployment reference: /deploy.Each provisioned node operates in its own isolated data context. Usage events, billing aggregates, and API key data for one VAR are never accessible to another — not through the API, not through the dashboard, not even to us in normal operations. Complete data segregation is enforced at the database query level.
Your Master API Key is shown exactly once at provisioning. We immediately SHA-256 hash it before writing anything to the database — the plaintext key is never persisted. Authentication validates the incoming key hash against the stored hash. Even a full database dump cannot reveal your key.
Message text and payload content you transmit through /api/v1/process is processed in memory only — it is never written to our database. We log metadata only: endpoint, timestamp, byte count, token count, and redaction event count. Your clients' regulated data does not live in our storage.
All sensitive configuration data — credentials, tokens, and internal keys used to operate the infrastructure — is encrypted with AES-256-GCM before being written to disk. All data is transmitted exclusively over TLS 1.3. Your data is unreadable without the encryption key even if someone accessed the server directly.
Data transmitted through the /process endpoint is forwarded to our processing pipeline provider under a data processing agreement that prohibits use of submitted data for model training. If you use passthrough: true, data is not forwarded at all — the request is logged and stored only.
All API endpoints are rate-limited to prevent abuse and brute-force attacks against your node. Invalid key attempts are tracked. Nodes exhibiting anomalous usage patterns are flagged for review. Your key cannot be guessed — it is a 48-character hex string generated from a cryptographically secure random source.
Hosted on Render (SOC 2 Type II certified). Database on PostgreSQL with encrypted connections. All secrets managed via environment variables — never hardcoded. Infrastructure access restricted to authorized RGX Systems personnel only.
RGX runs on Render's SOC 2 Type II certified infrastructure — independently audited for Security, Confidentiality, and Availability. Audit period: October 2024 – September 2025.
Our infrastructure provider maintains a GDPR Data Processing Agreement (DPA). VAR operator data is handled in accordance with GDPR requirements. See our DPA for full details.
Every /process request passes through the Compliance Engine before any LLM call is made. Text is scanned for PII/PHI using industry-specific pattern sets, identifiers are replaced with numbered tokens ({{REDACTED_PHI_1}}, {{REDACTED_FIN_2}}), and the scrubbed text is what the model receives. Raw identifiers never leave your network.
Every request that triggers a redaction fires a non-blocking write to compliance_redaction_events — permanently recording the timestamp, tenant_id, seat_id, redaction count, and pattern types matched. This log cannot be modified or deleted by API. It is the evidence trail a CISO or auditor can point to.
Email us at security@rgxsystems.com — we respond to every inquiry.
Get Started Free → Read our Data Processing Agreement →