Your workforce data never leaves your environment. That is the architecture.
Siwaan is built local-first by design. Every model runs inside your infrastructure. No cloud egress. No third-party APIs. No data ever transmitted to Siwaan servers.
The only AI platform with true on-premise inference
Most HR tech requires exporting sensitive data to external AI clouds. Siwaan runs Qwen2 LLM, spaCy NLP pipeline, and Sentence-Transformer embedding sets locally on your own CPU/GPU nodes.
The local agent syncs directly with your HRMS database. The only network call made to Siwaan cloud servers is for basic subscription state and user dashboard settings metadata — never raw employee logs.
Enterprise security controls built-in
SOC 2 Type II Audited
Independent audit of our security control design, operation, and operational safety. Report and trust package is available to enterprise clients under standard NDA.
GDPR & DPDP Compliance
Fully compliant with the European Union GDPR and India's DPDP Act 2023. Granular mechanisms allow complete deletion of employee records directly from local nodes.
Encryption by Customer Keys
All persistent metadata data in the dashboard is encrypted with customer-managed keys (CMK) at rest (AES-256) and in transit (TLS 1.3). We never hold raw master keys.
Granular RBAC Audit Logs
Enforce strict role-based access controls across the platform. Scoped roles separate Admins, HRBPs, and Managers, with fully auditable access logs logged to local storage.
Security Vulnerability Response
We take security seriously. If you discover a vulnerability or leak in any of our packages, please contact our response team immediately at security@siwaan.com. We acknowledge receipt within 24 hours and patch high-severity CVEs within 7 days.
Request our SOC 2 Report & Questionnaire
Our detailed security architecture documents and standard CAIQ security questionnaires are ready for your security evaluation team.