The Data Lifecycle

How Zedly moves your data from Cold Storage to Active Intelligence and back—without leaving a trace.

1

Secure Ingestion (The Tunnel)

  • User uploads documents via TLS 1.3 Encrypted Tunnel.
  • Data travels directly to the Zedly Vault. No intermediate caching servers are used.
2

The Vault (Cold Storage)

  • Files land in S3 Standard-IA (Infrequent Access) buckets.
  • AES-256 Encryption is applied immediately at rest.
  • Compliance Mode: For Enterprise plans, "Object Lock" (WORM) is enabled, making files immutable for legal auditing.
3

The Desk (Ephemeral Activation)

  • User selects specific files for a Project.
  • Data is streamed into a Secure Enclave (RAM Drive) using tmpfs mounts.
  • Zero-Disk Policy: The active data exists only in Volatile Memory. It is never written to a physical hard drive during analysis.
4

The Analysis (Sandboxed Execution)

  • The Zedly Agent (Python/LLM) runs inside a Network-Isolated MicroVM.
  • The Agent can read the RAM Drive to generate graphs or answers.
  • The Agent cannot access the public internet, preventing any data exfiltration.
5

The Purge (Total Destruction)

  • User closes the session or hibernates the project.
  • The MicroVM container is terminated.
  • The RAM allocation is cryptographically zeroed or reclaimed by the hypervisor.
  • Result: No residual data remains on the compute node.

Security One-Pager

For IT & Compliance Teams

Downloadable Summary of Zedly's "Zero-Retention" Architecture.

1

The Core Philosophy: "Ephemeral Intelligence"

Unlike standard AI tools that absorb your data to improve their models, Zedly operates on a "Read-Only, Run-Once" architecture. We treat your data as toxic waste to be handled carefully, not fuel for our algorithms.

  • No Model Training: We mathematically guarantee that your data is not used to train our base models (Llama 3, Claude, GPT-4).
  • Tenant Isolation: Every "Project" runs in its own isolated namespace. Cross-contamination of data between clients is physically impossible.
2

"The Vault" (Your Private Library)

Your long-term storage is built on industry-standard infrastructure designed for durability and compliance.

  • Infrastructure: AWS S3 (US-East/West) or Azure Blob Storage.
  • Encryption: Server-Side Encryption (SSE-S3) using AES-256.
  • Access Control: Strict IAM Policies ensure only your account's unique API keys can decrypt your specific objects.
  • Disaster Recovery: Automatic cross-region replication options available for Business plans.
3

"The Desk" (Your Clean Room)

When you ask a question, we spin up a temporary "Clean Room" for your data.

  • Technology: Firecracker MicroVMs or AWS Fargate Ephemeral Tasks.
  • Storage Medium: Volatile RAM (tmpfs).
  • Lifespan: The compute environment exists only for the duration of your active session.
  • Network Policy: "Egress-Deny-All." The code execution environment has no outbound internet access, ensuring your proprietary formulas cannot be sent to third-party servers.
4

Enterprise Compliance Readiness

Zedly is designed to slot into your existing compliance framework.

  • SOC2 Type II: Architecture ready for SOC2 auditing (Logs, Monitoring, Access Controls).
  • HIPAA: BAAs (Business Associate Agreements) available for Healthcare providers.
  • ITAR / GDPR: Option for "Local-Only" deployment. Run Zedly on your own physical servers (On-Prem) to keep data strictly within your facility's firewall.