Our commitment to uncompromising security
At Neuver Oy we understand that the security of your company's data is the cornerstone of our work. We are committed to the highest possible level of security and follow the EU General Data Protection Regulation (GDPR) and the EU AI Act closely.
Layered protection
Encryption at every stage
We use strong, industry-standard encryption to protect your data in all situations, both when it moves across the network and when it is stored on our servers.
Network and infrastructure security
We use Cloudflare's protection against denial-of-service (DDoS) attacks and to secure network traffic. This also helps hide the real IP addresses of our servers, adding an extra layer of security.
Flexible and secure login options
We offer several login options. If your organisation uses Microsoft services, you can use existing Microsoft accounts to log in. In that case users do not need to create new credentials, and you can seamlessly use your company's existing security practices, such as multi-factor authentication (MFA).
Granular access control
Within the service you can define precisely who sees what. Access rights can be managed per group and per folder, ensuring that employees can access only the information they are permitted to see.
Data location and secure processing
Data located in Finland
Your trust is of the utmost importance to us. That is why all our servers and the documents you store are physically located in Finland. This guarantees that your data stays under the protection of Finnish legislation and the strictest security standards.
Secure use of AI
We use the market-leading AI models through APIs. We have designed the process with security first:
- Minimal data transfer: Only the parts of the data essential for processing a query are sent to the AI.
- Temporary retention: Your data is not stored permanently in our partners' systems. Due to legal obligations, such as preventing misuse, data may be retained for a limited time (typically no more than 30 days), after which it is permanently deleted.
- Strict agreements: All our AI partners are bound by legally binding agreements that prohibit the use of your data for any other purpose.
- No model training: Your company's data is never used to train or improve AI models.
Tailored security solutions
We understand that every company has unique security requirements. We are ready to listen to your needs and implement tailored solutions. Examples of the possibilities include:
- Isolating the service behind your company's own VPN network.
- Dedicated server resources reserved for your use only.
- Customer-specific backup practices.
Continuous monitoring and development
To maintain security, we collect device and user information to identify and prevent anomalous or unauthorised activity. We also carry out regular security audits and vulnerability assessments to ensure that our defences are always up to date.
Contact
If you have any questions about our security practices, please feel free to contact our security team:
Neuver Oy
Security and data questions
Yes. Neuvise is built for organizations that handle sensitive information. Access is controlled at the company, group and personal level, data is encrypted, and the AI only retrieves documents the user is authorized to see.
All of Neuvise's application servers, databases, search indexes and document storage are located in Finland, under Finnish law. Only AI requests are processed outside Finland, and some AI calls may pass through servers outside the EU, including the United States.
No. Neuver Oy holds paid agreements with all AI providers that prohibit using your data to train AI models, and your company data is never used to train or improve models.
Neuvise processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and follows the EU AI Act. Our privacy policy describes your rights, including access, rectification, erasure, restriction, portability and objection.
No. Every search query enforces permission filters tied to your company, your groups and your personal files, and files are isolated per organization in storage. Users cannot reach documents outside their access.
Yes. The AI assistant uses the same permission filters as normal search, derived from your authenticated identity rather than anything the model is told, so it can only retrieve documents you are allowed to access.
Only the data needed to process a request is sent, such as a question or limited fragments of a document, not entire documents. Our terms state that this data is transient and is not stored permanently by the AI providers.