Security at Vectara

Security and Compliance at Vectara

Vectara bakes security and trust into the way we design, build, and launch our products. We never train our models on customer data. Learn how we can help you meet your GenAI security and compliance goals.

Vectara’s Trust Center

Visit Vectara’s Trust Center for information on Vectara’s compliance certifications, security tests, and additional information.

Privacy and Model Training

At Vectara, we do not train our models on customer data. Your data is yours. We’re able to do this while still having highly accurate retrieval and generation because we leverage the combination of retrieval augmented generation (RAG) on top of zero-shot models extensively. Our large language models are used for just their knowledge of language while we use search-based methods that don’t require model training for finding the right information.

Compliance Standards

Vectara is SOC-2 Type II and HIPAA certified. Our cloud infrastructure is hosted on AWS and GCP (having achieved ISO/IEC 27001, ISO/IEC 27017, SOC-1, SOC-2, SOC-3, PCI DSS, HIPAA, CSA Star, FedRAMP and many others) and available in several regions. Our billing provider, Stripe, is PCI DSS v4.0 certified.