Secure, Private & European Hosted
Enterprise-grade security is not optional — it's foundational to everything we build.
We understand that your data is your most valuable asset. That's why security isn't a feature we added — it's the foundation everything is built on. From ISO 27001 certified infrastructure to strict data ownership policies, we've designed Nandu so that your IT and compliance teams can say yes.
Our security standards
ISO 27001 Certified
Nandu is hosted on ISO-27001-certified Google servers in Europe.
GDPR Compliant
Full compliance with European data protection regulations.
No Training on Your Data
The AI models in use are not permitted to use your data for training purposes.
European Hosted
All data processing and storage happens on servers within the European Union.
Your Data Ownership
You are the account owner and all data is owned by you.
Secure Authentication
ISO 27001 certified multi-level user authentication and access management.
Common questions
Does Nandu train on my data?
No. The AI models we use are contractually prohibited from using your data for training purposes. Your data is processed for analysis only and remains under your ownership at all times.
Where is my data stored?
All data processing and storage happens on ISO 27001 certified Google Cloud servers within the European Union. We do not transfer data outside the EU.
Can I use my own LLMs?
Yes. Enterprise deployments can use your company's own language models. We adapt our agent architecture to work with your model infrastructure.
What about SOC 2?
SOC 2 Type II certification is on our roadmap. We currently hold ISO 27001 certification and maintain GDPR compliance across all operations.
Questions about security?
Our team is happy to walk through our security architecture with your IT team.