Skip to content
Aigentry
عربي Aisales Talk to us
Security & compliance

Built so legal & procurement
can say yes.

Last reviewed · 11 May 2026

UAE-first data residency

Customer operational data lives in Azure UAE North (Dubai datacentre). It does not leave the country. RERA Dubai, ADREC Abu Dhabi, and UAE PDPL expectations are met by default — not as an upsell.

Encrypted at rest

Azure SQL, Azure Blob Storage, and Azure AI Search indexes are AES-256 encrypted at rest with Microsoft-managed keys. Customer-managed keys are available for enterprise contracts on request.

Encrypted in transit

TLS 1.2 minimum across every public endpoint — product widgets, customer workspaces, webhooks, REST APIs, marketing sites. Microsoft-managed certificates. Modern cipher suites only.

Modern sign-in

Customer workspaces are gated by Microsoft Entra External ID for customers. We never see or store passwords. Multi-factor is available across every product, and federated sign-in is supported.

Hallucination guards

Every Aigentry agent is constrained to your real data. Agents are prompted to refuse inventing facts your business has not stated — listings, permits, contacts, or follow-up commitments staff have not made.

Audit log

Every privileged action inside customer workspaces (sign-in, configuration change, impersonation by support) is recorded with actor, timestamp, and tenant context. Available on request to the customer owner.

Data residency in detail

The operational footprint of every Aigentry product sits inside the UAE:

  • Azure SQL Database — UAE North. Customer operational data: conversations, leads, listings, tenant configuration.
  • Azure Blob Storage — UAE North. Customer-uploaded media: photos, brochures, floor plans, brand assets.
  • Azure AI Search — UAE North. Per-tenant retrieval indexes for grounded-AI conversations.
  • Azure App Service — West Europe today (UAE North App Service quota is constrained at the time of writing). No customer data is persisted on App Service instances — they handle request/response only.
  • Azure Static Web Apps — Marketing surfaces (aigentry.ae, aisales.ae) and customer-workspace SPAs are served from Microsoft's global edge. They carry no PII.

For enterprise customers requiring every component inside UAE North, we offer a dedicated deployment with a UAE-North App Service Plan as soon as Microsoft lifts the regional quota.

Regulatory alignment

  • RERA Dubai — Aisales attaches the listing's permit number to every quote the agent makes and refuses to discuss properties without one. Equivalent guardrails will ship in future property-domain products.
  • ADREC Abu Dhabi — Same permit-attachment guarantee for Abu Dhabi listings; bilingual conversation covers Arabic-first buyers across Saadiyat, Al Reem, and Yas Island.
  • UAE Personal Data Protection Law (PDPL) — Our role as processor is documented in the Privacy Policy. We sign DPAs with paying customers on request.
  • GDPR-aligned — For EU residents interacting with a customer's deployment, we apply data-subject rights (access, correction, deletion) under the same workflow as UAE PDPL.

Incident response

We notify the customer owner within 24 hours of confirming a security incident affecting their tenant. We publish a written post-mortem within 5 business days for any incident that caused data exposure or more than 4 hours of workspace downtime.

Where we're heading

Aigentry is working toward SOC 2 Type I within 12 months of formal incorporation and ISO 27001 within 24. Until then, customers running enterprise procurement can request our Security & Privacy questionnaire response — covers the standard ~80 questions Vanta / Drata templates ask. Email support@aigentry.ae.

Responsible disclosure

If you've found a vulnerability in any Aigentry product or surface, please report it confidentially to support@aigentry.ae. We acknowledge within one business day, fix within a timeline agreed with the reporter, and credit reporters by name on this page (with permission) once the fix has shipped.

Contact

Security disclosures & technical contact: support@aigentry.ae
DPA requests & procurement questionnaires: info@aigentry.ae