Security

Security that reaches every cell.

Enterprise controls on the outside, an immutable audit trail on every cell inside. Your data stays yours — encrypted, access-controlled, and never used to train models.

AES-256 EncryptionUS / EU ResidencySSO & SCIM

Security certifications are underway, including SOC 2 Type 1 and 2.

Encryption everywhere

Data is encrypted at rest and in transit. Keys are managed in a dedicated KMS and rotated on a schedule.

AES-256 · TLS 1.3 · KMS-backed

Identity & access

SAML SSO, SCIM provisioning, and enforced MFA. Role-based permissions keep access scoped to the work.

SSO · SCIM · MFA · RBAC

Immutable audit trail

Every cell change is logged with author, time, and full lineage. Nothing is overwritten silently, and the log exports for auditors.

Per-cell · Tamper-evident · Exportable

Data residency

Choose where your data lives. Workbooks, files, and backups stay in the region you select.

US · EU · Region-pinned

Deployment options

Run multi-tenant, in a dedicated environment, or fully self-hosted inside your own cloud.

Multi-tenant · Dedicated · Self-hosted

You own your data

Your content is yours. We never train models on it, and you can export or permanently delete it at any time.

No training · Export · Hard delete

How we handle your data

We never train on your data. Your content is never used to train our models or anyone else's.
You can leave at any time. Export everything to .xlsx, or request a permanent, verifiable deletion.
Least-privilege internally. Employee access is scoped, logged, and reviewed — production access is the exception, not the default.
Subprocessors are documented. We publish the third parties that touch your data and notify you of changes.

Responsible disclosure

Found a vulnerability? We want to hear from you. Email security@vithril.com and we'll acknowledge within one business day.