Security & Privacy

Built for Australian organisations

AusGPT is designed from the ground up with security, privacy, and compliance at its core. Your data stays in Australia and is managed in accordance with the Australian Privacy Principles.

Your data is private and secure.

We use the latest OpenAI / ChatGPT models hosted privately on Microsoft Azure in Australia.

Your conversations and documents are not available to OpenAI, other customers or any third parties.

Your data is never used to train other AI models or improve any Microsoft or other third-party services.

Enterprise-grade security features

Organisations of all sizes trust AusGPT to meet their needs, including medical, government and other privacy-conscious organisations. We take this responsibility seriously and have developed comprehensive practices and technologies to ensure the security and protection of your data.

Australian Data Sovereignty

All data is stored and processed exclusively within Australian data centres on Microsoft Azure, ensuring compliance with local data sovereignty requirements.

End-to-End Encryption

Your data is encrypted in transit using TLS 1.3 and at rest using industry-standard AES-256 encryption.

Privacy by Design

We never access, view, or use your data to train AI models. Your conversations and documents remain completely private.

Enterprise Security

Dedicated instance options, comprehensive logging, multi-factor authentication, and enterprise-grade access controls.

Compliance Framework

Built to meet Australian Privacy Principles, Essential 8, SOC 2 Type II, and ISO 27001 standards.

Access Management

Granular user permissions, role-based access control, and SSO integration for enterprise environments.

Our security practices at a glance

Data Protection & Privacy

  • All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
  • Zero-knowledge architecture ensures only you can access your data
  • Your data is never used to train AI models or improve third-party services
  • Automatic data deletion policies can be configured to meet your requirements

Access Control & Monitoring

  • Multi-factor authentication required for all user accounts
  • Role-based access controls with granular permissions
  • Comprehensive audit logging of all user activities and system events
  • Real-time security monitoring with automated threat detection

Infrastructure Security

  • Hosted on Microsoft Azure with enterprise-grade security controls
  • Network isolation and firewall protection for all systems
  • Regular security updates and vulnerability patching
  • Backup and disaster recovery procedures tested regularly

Compliance & Governance

  • Regular third-party security audits and penetration testing
  • Incident response plan with defined escalation procedures
  • Security awareness training for all team members
  • Data processing agreements available for enterprise customers

Questions about security?

Our security team can provide detailed documentation, conduct security reviews, and answer any questions about our security practices.