Security
How we protect your data, where it lives, and what we do with it.
Data Residency
All customer data is stored and processed in AWS eu-north-1 (Stockholm, Sweden). No data leaves the EU. We do not use multi-region replication, CDN caching of customer data, or cross-border backups.
Encryption
In transit: All data between Procore, Aigenture, and AWS is encrypted using TLS 1.2 or higher.
At rest: All stored data is encrypted using AWS KMS-managed keys (AES-256). This includes Procore bid data, vendor records, inspection logs, and trained model artifacts.
Procore Access Model
Aigenture connects to Procore via OAuth 2.0 Authorisation Code Grant. The access model is strictly read-only and limited to the minimum set of scopes required:
- Directory / Vendors (read)
- Commitments and Bids (read)
- Inspections (read)
- Projects (read)
Aigenture never writes data back to Procore. You can revoke OAuth access at any time from your Procore App Management settings.
Infrastructure Isolation
Every customer gets a dedicated, isolated AI deployment. Your project history trains your models only. No data from your Procore workspace is ever used to train models for other customers. No shared model artifacts. No cross-tenant data access.
Data Retention and Deletion
When you cancel, your data remains available for export for 30 days. After that period, all customer data is permanently deleted from our systems. Procore training data is deleted within 30 days of account termination upon request.
Infrastructure
Aigenture runs on Amazon Web Services (AWS) using services deployed in eu-north-1:
- Compute: AWS Lambda with isolated execution environments
- Storage: DynamoDB with server-side encryption and S3 with AES-256 encryption
- Networking: VPC with private subnets for data processing, API Gateway for public endpoints
- Secrets: AWS Secrets Manager for API keys and credentials
Contact
Security questions or concerns? Reach out to support@aigenture.com. We respond to security inquiries within one business day.
Questions about security?
Contact us directly for specific compliance or infrastructure questions.