> ## Documentation Index
> Fetch the complete documentation index at: https://docs.guardway.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Privacy and Security

> How Guardway handles your data, the boundaries between the gateway and the cloud dashboard, and the security controls you can rely on.

Guardway is designed around a simple principle: **your prompts and completions never leave your network**. The self-hosted gateway handles inference; the SaaS dashboard governs configuration, records administrative audit logs, and observes aggregate telemetry.

## The data boundary

| Stays on your gateway                               | Sent to the Guardway cloud                                                      |
| --------------------------------------------------- | ------------------------------------------------------------------------------- |
| Prompts and completions (request / response bodies) | Aggregate metrics: request counts, token counts, latency, cost                  |
| Provider API keys after attachment                  | Configuration you set in the dashboard (providers, routes, guardrails, budgets) |
| MCP tool calls and their payloads                   | Administrative audit logs (who did what, when, from where)                      |
| Cache entries                                       | Gateway health, version, heartbeat                                              |
|                                                     | Cost + spend rollups per team / key / model                                     |

<Note>
  **Audit logs live on the platform.** Administrative actions across your organization — config changes, key rotations, role updates, gateway registrations — are recorded centrally on the Guardway dashboard. View them from [Settings → Audit Log](/platform/settings/audit-log).
</Note>

## Encryption

* **In transit** — every hop (your app → gateway → provider, dashboard → gateway, gateway → control plane) uses TLS 1.2+.
* **At rest** — provider API keys and other secrets are AES-256 encrypted on the gateway. Keys are decrypted only in memory for the duration of a request.
* **Log redaction** — secret-looking values (Bearer tokens, `sk-...` keys, `Authorization` headers, password-like fields) are redacted from logs automatically.

## Authentication

* **Dashboard users** authenticate via Supabase with email + password; activation invites expire in 1 hour. Session timeouts are configurable per user (see [Console](/platform/settings/console)).
* **Gateways** authenticate to the control plane with a one-time registration token at first boot, then with long-lived derived credentials. You can revoke a gateway's credentials from the dashboard at any time.
* **Applications** authenticate to the gateway with API keys you issue (see [API keys](/platform/configuration/api-keys)) — per-key scopes, budgets, quotas, IP allow-lists, MCP access rules.

## Authorization (RBAC)

Gateway-scoped roles:

| Role       | Scope                                                 |
| ---------- | ----------------------------------------------------- |
| **Owner**  | Everything, including billing and org deletion.       |
| **Admin**  | Configure providers, routes, guardrails, teams, keys. |
| **Member** | Issue and use keys within their team.                 |
| **Viewer** | Read-only.                                            |

See [Access](/platform/configuration/members).

## Container hardening

The gateway image ships with:

* **Non-root user** at runtime.
* **Read-only root filesystem.**
* **Dropped Linux capabilities** — only the minimum set needed to bind ports and open outbound connections.
* **Restricted seccomp profile.**

Your container runtime needs to support these features; any recent Docker, containerd, or Kubernetes release does.

## Content safety

Built-in guardrails run **on the gateway** with low latency and no third-party dependency:

* **PII detection** — SSN, credit card, email, phone, API key patterns.
* **Hate speech / toxicity.**
* **Prompt injection** — jailbreak and instruction-override patterns.
* **Keyword filters** — custom allow and deny lists.
* **IP allow / block-lists.**

Violations are logged, optionally redacted, and can fire webhooks or block the request. See [Guardrails](/platform/configuration/security#guardrails).

## Data retention

* **On the gateway** — logs and traces follow whatever retention you configure. Default is rolling local storage; mount a persistent volume at `/var/lib/guardway` to survive restarts.
* **On the cloud dashboard** — aggregate usage and spend metrics, plus administrative audit logs, are retained for the life of your subscription. There are no raw request or response bodies stored in the cloud to retain.

## Compliance

Guardway's architecture is built to support:

* **SOC 2** — centralized auth, RBAC, audit logging, TLS in transit, key management, access reviews.
* **HIPAA** — centralized audit logs, PII guardrails, per-user access, automatic logoff (see [Console](/platform/settings/console)).
* **PCI DSS** — encryption at rest for secrets, credit-card PII detection, unique user identification, full audit trail.
* **GDPR** — PII detection and redaction, data minimization (no prompt bodies leave your network), incident-response support via audit log export.

Formal certifications are pursued per plan; email [compliance@guardway.ai](mailto:compliance@guardway.ai) for your current attestation package.

## Reporting a security issue

<Warning>
  Please do **not** file public GitHub issues for security reports.
</Warning>

Email [security@guardway.ai](mailto:security@guardway.ai) with a proof-of-concept, affected version, and your contact details. We triage within one business day, follow coordinated disclosure, and credit reporters with permission.
