Privacy & Security
Using Nuclia for public access
Definition: A Knowledge Box is a container for your data.
-> Access rights on a public Knowledge Box -> API calls on a public Knowledge Box
Using Nuclia in private environments
Access rights on a private box: When a Knowledge Box is private, only authorized access is allowed.
-> API calls on a private Knowledge Box -> Using the widget on a private Knowledge Box
How to restrict access to a set of resources depending on the user
Nuclia grants access to all resources in a given Knowledge Box, so any user having access to the Knowledge Box can access any resource.
Nuclia allows you to define users with different roles. However, if you are building an application offering restricted access to its users, those using Nuclia may not be the same as those able to authenticate to your own application.
Nuclia users are meant to be able to manage the Knowledge Box, typically when logging in to use the Nuclia dashboard or the Nuclia Desktop application.
If you need to restrict access to a set of resources in a Knowledge Box, the proper approach is to isolate Nuclia behind your application, so that no user can have direct access to Nuclia, and let your application act as a proxy that will add an extra filter on any request to Nuclia.
Nuclia DB, the open source vector DB
NucliaDB is the database platform Nuclia uses to store and index data.
Core features:
- Easily compare the vectors from different models.
- Store text, files and vectors, labels, and annotations.
- Access and modify your resources efficiently.
- Perform semantic, keyword, full-text and graph searches.
- Export your data in a format compatible with most NLP pipelines (HuggingFace datasets, PyTorch, etc).
Nuclia DB architecture
Data ownership & security
All data is stored on the Nuclia Cloud platform but owned and isolated per Knowledge Box that is controlled by their users (owners).
Currently, Nuclia has one Zone located in Europe.
United States based zones are soon to come.
NucliaDB Hybrid on-prem
Host your own data by running your own NucliaDB instance on premise.
Processing will still be performed on the Nuclia Cloud platform.
Source data and the extracted information will be stored in your on-prem instance.
Processing data is transit only and not stored anywhere in Nuclia’s Cloud.
Full on-prem
- Data and processing all done on-prem, fully owned by customer
- On-prem hosted LLMs
Nuclia minimum hardware requirements for hybrid and on-premise deployments
* knowledge block = paragraphs
Data ownership & security
Data privacy
Your data is stored in your Knowledge Box, which is a private space that only you can access. You can decide to share your Knowledge Box with other users, but this is entirely up to you.
We do not use your data to train our language models, so there is no risk some piece of information from your data is leaked in another customer’s generated answer.
Note: you can run a training process on your own data, but it feeds a custom model located in your own Knowledge Box, and nobody else can access it.
Frequently asked security Q&A
-> Is data encrypted?
Yes, we use full disk encryption for the data that is stored at Nuclia.
-> Is data kept secure from other customers?
Yes, each customer’s data is stored in isolated buckets and shards. Access to our system and Knowledge Boxes is controlled by an API gateway auth(n|z) controller. If a user does not have access to a resource, the HTTP requests never get to the backend system.
Frequently asked security Q&A related with LLMs
-> Is my data being sent to external LLMs such as OpenAI’s GPT?
Nuclia offers its 100% private generative AI which does not send any data outside Nuclia.
If you decide to use an external LLM (right now we integrate with OpenAI, OpenAI at Azure, Palm2, Cohere, and Anthropic), yes, the context from your data needed to generate an answer will be sent to a 3rd party API.
Want to know more?
If you want to lear more and how we can help you to implement this, please use this form or join our community on Discord for technical support .
See you soon!
