Trust Center
Enterprise-grade Security & Trust
Sinequa was purpose-built for trusted AI to meet the security, privacy, and compliance needs of the world’s biggest and most heavily regulated enterprises.
ChapsVision has been recognized as a Leader in the SPARK Matrix™: Enterprise AI Search, Q4 2025. Learn more
Assistant
Trust Center
Sinequa was purpose-built for trusted AI to meet the security, privacy, and compliance needs of the world’s biggest and most heavily regulated enterprises.
The foundation of our security program is the protection of customer data. Trust and security is core to the value we provide, so it will always be top priority. By integrating enterprise-grade protocols with continuous independent audits, Sinequa ensures your information remains safe and resilient.
By integrating advanced data privacy protections, data management protocols, and AI governance, Sinequa ensures secure, compliant, and ethical handling of organizational and personal data.
Sinequa is committed to compliance in every region our customers are. Our platform has consistently maintained a robust list of certifications to ensure customer trust and regulatory compliance is supported.
Certified by the industry-standard for data security, Sinequa has an AICPA SOC 2 Type II audit performed annually.
Sinequa’s Information Security Management System (ISMS) is certified to the ISO 27001 standard, recognized globally for effective information security management
We run regular tests to monitor any security vulnerabilities, including regular penetration testing and audit logs.
Sinequa has implemented all the security controls required to act as a Business Associate under Health Insurance Portability and Accountability Act (HIPAA) of 1996.
All personal information for customers is secured and compliant with the General Data Protection Regulation.
Sinequa supports compliance with the California Consumer Privacy Act (CCPA), providing built-in capabilities for managing Personally Identifiable Information (PII) as defined by global privacy regulations.
To ensure data is fully protected, our built-in data security includes encryption at rest with AES-256 and encryption in transit. A Bring Your Own Key (BYOK) option is available to implement Zero Trust security on your search indexes at rest.
Each Sinequa customer has their own dedicated account, ensuring data and application workloads are entirely separated from other customers.
Customers can choose whether to deploy Sinequa on prem, in a private cloud tenant, or leverage Sinequa's fully-managed SaaS offering.
Customers can provide their own user identities through the identity provider (IDP) of choice, with SAML 2.0 and Open ID Connect (OIDC) support.
Sinequa mirrors existing security rules from corporate and application-specific directories if required. We can handle multiple security domains by automatically linking users across different domains.
Sinequa uses the 'principle of least privilege,' leveraging Azure's fine-grained role-based access control (RBAC) mechanisms.
Sinequa connects to over 200 sources of enterprise knowledge, ensuring to always encrypt and securing data, and honor employee and agent access controls in the process.
Sinequa’s cloud infrastructure is hosted on Microsoft Azure, and you can choose which region you prefer your data to reside in. Sinequa has multiple data centers, including Eastern United States, Western Europe, and Central France.
Sinequa leverages robust access controls, end-to-end encryption, continuous audit logging, and compliance protocols to protect sensitive enterprise data across cloud and on-premise environments.
Security, privacy, governance, and compliance are the bedrock of trusted enterprise agentic AI. With Sinequa you can build, deploy, and securely scale agentic AI with confidence.
Explore the Platform
Sinequa provides detailed documentation, plus tutorials, digital learning courses, and guidelines about how to secure an application built with the Sinequa platform. Documentation is provided online, as well as contextually embedded in the product, and is available in English and French. To find out more, please visit our Community Page.
Yes, security is applied across the platform: Indexing incorporates and reflects each source’s native security model, and security features are applied before, during, and after each query.
Security is at the heart of the Sinequa platform, from the point of data ingestion all the way through to its intelligent auto-suggest. Users do not see content they are not authorized to view, with auto-suggestion, and typeahead functionality also limited to authorized content. Sinequa’s architecture includes role-based access control as well as content-based access control applied throughout the entire platform. Security is inherited from existing security and user roles or assigned to content or users by an administrator if permissions are not available from source systems. Sinequa uses early binding and can handle multiple security models.