Tixa is built so that trusting an AI with your customers' questions doesn't mean trusting it with anything else. Here's exactly how your data is handled — no vague reassurances.
Run Tixa in Tixa’s managed cloud, or deploy inside your own Google Cloud or AWS (Enterprise). Private-cloud / on-prem deployment is on our roadmap — we’ll only claim it when it ships.
Your content, conversations, and indexes are isolated per tenant with row-level security. One customer can never see another’s data.
Data is encrypted in transit (TLS) and at rest. Secrets and credentials are stored in managed secret stores, never in code.
We do not use your content or your customers’ conversations to train models shared with other customers. Your data works for you only.
Tixa answers exclusively from your own content and connected data — never the open internet — and cites its sources. When it isn’t confident, it hands off to a human instead of guessing.
Role-based access controls what each team member and the public widget can see. Enterprise adds SSO/SAML and audit logging.
You control your data’s lifecycle. Deletion requests remove your content and derived indexes; we honor data-subject requests under GDPR/CCPA.
A Data Processing Agreement is available to all customers, with a maintained list of sub-processors (cloud and model providers).
SOC 2 Type II is in progress. Ask us for current status, our security overview, or a questionnaire response during procurement.
The Tixa widget identifies itself as an AI assistant to end users, in line with the EU AI Act's transparency requirements and applicable US state disclosure rules. Answers can show their sources, and unresolved conversations route to your human team.
The fine print, in actual writing: Data Processing Agreement, Privacy Policy, Terms of Service. For security questionnaires or a review call, book a call.