Is my data encrypted?

Yes. All data is encrypted at rest and in transit. KnowStack uses industry-standard encryption and is CASA (Cloud Application Security Assessment) certified.

Does KnowStack access my email content?

KnowStack only processes emails you explicitly connect. Email content is used solely for knowledge extraction and is stored securely in your isolated tenant.

Can I delete my data?

Yes. You can delete individual data sources, Knowledge Bases, or your entire account at any time. Deletion is permanent and includes all associated data.

Your Data. Fully Isolated. Secure by Design.

KnowStack is built with security as a core principle — not an afterthought. From authentication to data processing, every layer is designed to protect your company's information.

Data Ownership & Isolation

Your data belongs to you. Always.

Each company operates in a fully isolated environment
No data is shared between companies or workspaces
Access controlled at company, Knowledge Base, and section level

Your knowledge is visible only to users you explicitly authorize.

Access Control & Permissions

Advanced access control on all plans.

Role-based access control (RBAC)
Permissions at company, Knowledge Base, and section level
Different roles per user and per company

Teams collaborate safely — without overexposing sensitive information.

Authentication & Account Security

Modern, proven authentication standards.

Secure email & password authentication
Google OAuth support
Strong password requirements
Session-based authentication with automatic expiration
Protection against CSRF and session hijacking

Encryption & Data Protection

Protected both in transit and at rest.

Encrypted connections (HTTPS / TLS)
Secure encryption for stored credentials and tokens
Industry-standard hashing for passwords
Encrypted file storage

Sensitive data is never stored in plain text.

AI Processing Safety

Transparent and controlled AI features.

AI only processes data you explicitly connect or upload
Responses generated only from your Knowledge Bases
Manual edits and approvals always take priority
No cross-company AI data access

Your knowledge is never used to train public AI models.

Secure Integrations

Safe connections with external services.

OAuth-based access for email providers
Secure API connections
Minimal required permissions
Revocable access at any time

Disconnect integrations whenever you choose.

Background Processing & Job Isolation

Long-running tasks handled securely.

Knowledge Base generation in isolated jobs
Email fetching with strict access controls
Website crawling with scoped permissions
Document text extraction in sandboxed processes

Compliance-Ready Architecture

Designed to support compliance requirements.

Clear data boundaries per company
Audit-friendly permission structure
Predictable data processing flows
Enterprise-ready security architecture

Enterprise customers get additional compliance and SLA options.

Availability & Reliability

Your knowledge remains available when your team needs it.

Continuous background monitoring
Automatic job retries and failure handling
Secure cloud infrastructure
Scalable architecture built for growth

Transparency & Control

You always know what's happening with your data.

See what data is connected at all times
Monitor active AI processes
Review permissions for every user
Track AI usage costs in real time

No hidden processing. No silent access.

CASA Verified — Cloud Application Security Assessment

KnowStack has passed Google's Cloud Application Security Assessment (CASA), an independent security review conducted by an authorized App Defense Alliance lab. The assessment validates our application security practices against industry-recognized OWASP ASVS standards.

Assessed by TAC Security

Questions About Security?

If you need security documentation, architecture details, or have specific compliance requirements — we're here to help.