Architectural Security Principles
1. Isolated Execution
Custom scripts (
functions) and AI-driven data processing run in highly secure, isolated runtime environments. They cannot access the host system or interact with memory outside their defined boundary.2. Dimensional Isolation
The core concept of a Dimension acts as a hard boundary. An AI operating in one Dimension has zero awareness of the Artifacts, Skills, or Data in another Dimension unless explicitly granted access.
3. The Principle of Least Privilege
MyAi enforces granular access control. You dictate exactly which Workflows or individuals can access specific
integration_credentials (like API keys) and internal Artifacts.4. Audit Trails
Every Work Order explicitly logs the initiator, the exact instructions provided, and the step-by-step tool payload execution. This ensures complete observability.
Frequently Asked Questions
How is data segregated between tenants?
How is data segregated between tenants?
MyAi employs strict logical segregation at the database level. Tenant data is isolated down to the database row level, preventing any cross-tenant data leakage. Dedicated infrastructure deployments are also available for enterprise customers requiring physical isolation.
Does MyAi train its base models on my company data?
Does MyAi train its base models on my company data?
No. We do not use your proprietary business data, Canvas content, Artifact information, or chat histories to train our foundational models. Your data remains yours.
How does MyAi handle PII and GDPR compliance?
How does MyAi handle PII and GDPR compliance?
MyAi provides tools to identify and manage Personally Identifiable Information (PII) within Artifacts. We are fully compliant with GDPR and CCPA regulations, including supporting Data Subject Access Requests (DSAR) and “Right to be Forgotten” workflows.
What are your data retention policies?
What are your data retention policies?
Administrators can define custom data retention policies per Dimension. Chat histories, Work Orders, and inactive Artifacts can be automatically purged after a defined period (e.g., 30, 90, or 365 days) to meet internal compliance guidelines.
How are integration credentials secured?
How are integration credentials secured?
We utilize a localized secrets vault to securely encrypt and store
integration_credentials (like OAuth tokens or API keys) at rest. Custom functions and tools retrieve these credentials securely at runtime without exposing them to the end user.Where is MyAi deployed?
Where is MyAi deployed?
MyAi is deployed on Google Cloud Platform (GCP). All data processing and storage occurs within GCP’s infrastructure, leveraging its enterprise-grade security, compliance certifications, and global availability.
Learn More
Reliability & Limitations
When to trust MyAi outputs and where human review is required.
Quality Roles Guide
How quality teams use Work Orders and audit trails for compliance.
Integrations
How credentials, webhooks, and API connections work.
Terminology
Definitions for Work Orders, Dimensions, and other security-relevant concepts.