Data residency & verifiability

Gnosys runs the offline governor server-side: you upload labeled data through the API, and GEPA, the judge, the estimator, and the labeling queue all execute on Gnosys infrastructure. Raw inputs and the gold labels reviewers create live on Gnosys during a study. This page is the honest account of what that means and how we protect your data.

Why server-side (for now)

Server-side execution is how we ship the first version: one place runs the loop, nothing to deploy in your environment. The trade-off is real — your most sensitive data (safety, brand-safety, fraud-adjacent) is exactly the data you are most reluctant to send anywhere. We address that two ways.

Design-partner handling posture (today)

  • Encryption — TLS in transit; encryption at rest for datasets, gold labels, model bundles, and run artefacts.
  • Per-tenant isolation — every dataset, run, label task, and gold label is scoped to your tenant and never cross-tenanted; the API enforces it on every call.
  • Retention & deletion — configurable retention; hard deletion on request removes datasets, gold, predictions, and run artefacts.
  • PII redaction at ingest — where the canonical schema allows, fields can be redacted/hashed before storage.
  • Regional hosting — data can be pinned to a region.
  • DPA — a real data-processing agreement governs the engagement.

Bring-your-own-VPC / on-prem (next)

For buyers who cannot upload, the same server deploys into your VPC or on-prem. That restores the physical separation of powers the verifiability story relies on: you hold the data and the gold; Gnosys provides the estimator. It is on the roadmap as the enterprise unlock.

Verifiability now: procedural, not physical

With data server-side, verifiability is procedural — and still strong:

  • The estimand, metric, protected slices, and gold snapshot are hashed at pre-registration (the preregistration_digest in every report).
  • The frozen gold is immutable and tamper-evident; the report's gold_snapshot_hash pins exactly which labels produced the number.
  • Every result ships with a reproducibility manifest (model pins, seeds, code version, gold-snapshot hash, pre-registration digest, sampling weights) via GET /v1/experiments/{id}/report.

You can confirm the reported number was computed against the frozen gold under the locked plan, and recompute it. The VPC option later upgrades this from "trust the process" to "hold the data yourself."


Found a typo? Tell us.