Privacy & data handling
Your data stays inside your boundary.
Madison is deployed in your perimeter, trains on nothing you hold, and logs every action for the exam. This page summarizes how Madison handles data; a full security & compliance pack is available on request.
Where your data lives
Madison deploys inside your perimeter — on-premises, in your private cloud (VPC), or fully air-gapped. Vendor, contract, model, and customer data stays inside your boundary. There is no cross-tenant training and no data egress from your environment.
No training on your data
Your data is never used to train a shared model. Personal data is redacted before any model call, and inference runs against the LLM you bring (Azure OpenAI, AWS Bedrock, or a private deployment) under your keys and logging.
What we record
Every agent action and human decision is written to an exportable, tamper-evident audit trail — what was read, what was done, and why — so the evidence an examiner asks for already exists. You control retention and export.
Human accountability
No regulated step is taken autonomously. A person approves every regulated action; the agent prepares the decision and hands it over with the reasoning attached.
Security posture
Madison is aligned to SOC 2 Type II and ISO 27001, supports SSO/SAML and role-based access control, and encrypts data in transit and at rest. A full security & compliance pack is available on request.
Contact
For data-handling questions, a Data Processing Addendum, or the security & compliance pack, email hello@lyzr.ai or use the contact page.
This summary is provided for transparency and does not constitute a contract. Deployment-specific terms are set in your engagement agreement and Data Processing Addendum.