At Odin Labs, we understand that you're trusting us with your most valuable asset: your code. That responsibility drives every decision we make about ODIN's security and privacy.
Our zero-trust architecture means we never assume trust. Every request is verified, every action is logged, and every piece of data is encrypted.
We operate on a minimal data retention policy. We only collect what we need, we use it only for its intended purpose, and we delete it as soon as it's no longer needed.
We are committed to industry-standard security practices and are actively working towards formal certifications
SOC 2 Type II certification is on our roadmap. Our architecture is designed to meet SOC 2 requirements.
ODIN is Dutch-built and GDPR-native by design. All data stays on customer infrastructure, ensuring full data sovereignty.
ODIN deploys on-premise on your infrastructure, giving you full control over your data. CCPA compliance is inherent to our architecture.
ISO 27001 certification is on our long-term roadmap. Our hosting infrastructure (Hetzner) maintains its own ISO certifications.
Enterprise-grade security built into every layer of our platform
All data in transit is encrypted using TLS 1.3. Data at rest is encrypted with AES-256.
Role-based access control (RBAC) with granular permissions. Integrate with your existing identity provider.
Complete audit trail of all actions, exportable for compliance reviews. Real-time monitoring and alerts.
API keys and tokens are never stored in plain text. Secrets are managed via secure vault integration.
All code execution happens in isolated, ephemeral containers with no network access to your production systems.
Every request is authenticated and authorized. No implicit trust, even for internal systems.
Transparent policies about what we collect, how we use it, and how long we keep it
We build AI that you can trust, with transparency, controls, and safety guardrails
Our models include built-in confidence scoring. Low-confidence suggestions are flagged for human review before action.
Configure approval requirements for different action types. Critical operations always require human confirmation.
Every AI decision includes an explanation of reasoning. View the context and logic behind each suggestion.
Additional security features and controls for organizations with advanced requirements. We work with your security team to meet your specific needs.
Integrate with Okta, Azure AD, Google Workspace, and other SAML 2.0 providers for unified authentication.
Deploy ODIN in your own VPC or on-premises infrastructure for complete control over your data.
Request penetration testing reports, security questionnaires, and custom compliance documentation.
Enterprise customers get a dedicated security liaison for questions, audits, and incident response.
Have security questions, concerns, or want to report a vulnerability? Our security team is here to help.
security@odin-labs.ai
We appreciate security researchers who help us keep ODIN secure. If you discover a vulnerability, please report it responsibly to our security team. We commit to acknowledging your report within 24 hours and working with you to understand and address the issue promptly.