IronCloudLLM Platform Privacy Policy

Effective Date: July 19, 2025

Overview

IronCloudLLM (“IronCloud”, “we”, “our”, or “us”) provides a private, fully self-hosted enterprise AI platform designed to deliver advanced large language model (LLM) capabilities. These capabilities include Retrieval-Augmented Generation (RAG), Text-to-Speech (TTS), Speech-to-Text (STT), enterprise search infrastructure, and Model Context Protocol (MCP) integrations. This comprehensive Privacy Policy describes the manner in which data is handled, stored, and managed within your specific deployment of IronCloudLLM.

Data Ownership and Governance

IronCloudLLM ensures your organization’s data remains solely under your control. We do not store, transfer, process, or access your data externally without explicit authorization or configuration by you. All data governance, retention policies, and security measures are strictly defined and controlled by your organization.

Types of Data Processed

Depending on your use and configuration of IronCloudLLM, the platform may process the following categories of data:

• Prompt and Chat Data: All textual inputs provided by users and outputs generated by the AI interface.
• Document Data (RAG): Internal documents, knowledge bases, or any content sources indexed through your enterprise search infrastructure.
• Voice Data (STT/TTS): Audio information processed by integrated speech technologies such as Coqui, Whisper, Piper, or equivalent systems.
• User Metadata: Information obtained through Single Sign-On (SSO) integrations like Azure AD or Okta, as explicitly configured by you.
• Integration Logs: Logs and activity data derived from integrations with enterprise applications such as Jira, Confluence, SharePoint, GitLab, or Azure AI Search.

Data Storage and Retention

IronCloudLLM, by default, does not retain any data unless explicitly configured by your organization:

• Chat histories may optionally be stored locally within secure databases such as PostgreSQL.
• Indexed content from enterprise search operations remains within your secure environment.
• Voice data processing occurs locally or via privately hosted, authorized endpoints.
• All logging functions, including storage, encryption, and integration with security monitoring tools, are fully configurable and controlled by you.

AI Model Usage and Data Handling

IronCloudLLM offers integrations with various AI models, providing flexibility based on your organization’s security requirements:

• Self-hosted Models: Models such as LLaMA, Mistral, or Mixtral remain fully isolated within your environment, ensuring no external data transfers.
• Cloud-hosted Models: Models provided by external vendors like OpenAI, Anthropic, Azure, and AWS Bedrock operate under contractual agreements established between your organization and these vendors. You maintain complete control over which models are enabled and how data is managed or routed to these external services.

Cookies and Tracking

IronCloudLLM does not implement or utilize cookies, third-party tracking tools, or analytics by default. Any such implementations would occur solely through your organization’s explicit configuration.

Third-Party Integrations

IronCloudLLM supports secure and private integrations with third-party enterprise applications, including but not limited to Jira, Confluence, SharePoint, GitLab, Outlook, Azure AI Search, Elasticsearch, and identity management systems utilizing OpenID Connect (OIDC). All such integrations maintain data exclusively within your organization’s environment unless explicitly configured to do otherwise.

Security and Compliance

IronCloudLLM is specifically designed to meet stringent security standards and regulatory compliance requirements, supporting deployments that adhere to:

• NIST 800-171
• Cybersecurity Maturity Model Certification (CMMC)
• FedRAMP High
• International Traffic in Arms Regulations (ITAR)
• Criminal Justice Information Services (CJIS)

Deployment options include air-gapped environments, AWS GovCloud, Azure GCC High, and private cloud infrastructure, all of which utilize security measures including Multi-Factor Authentication (MFA), encrypted storage, TLS encryption, Role-Based Access Control (RBAC), and secure logging practices.

Disclaimer of Liability

As IronCloudLLM is provided as a self-hosted software platform, you assume complete responsibility for your deployment, maintenance, data security, and compliance adherence. IronCloud LLC expressly disclaims all liability arising from your use of the IronCloudLLM platform, including but not limited to any loss, unauthorized access, data breaches, or compliance violations resulting from your deployment or configuration choices. Your organization agrees to indemnify and hold harmless IronCloud LLC from any claims, damages, liabilities, or legal actions resulting from your deployment and operation of IronCloudLLM.

Your Responsibilities

Due to the self-hosted nature of IronCloudLLM, you expressly acknowledge and accept the following responsibilities:

• Managing all user authentication, authorization, access control, and user-related security policies.
• Defining, enforcing, and maintaining data retention, data backup, and data security practices.
• Ensuring compliance with all applicable laws, regulations, and standards relevant to your operations and deployment.
• Understanding that IronCloud LLC does not have access to your data unless a managed-support agreement explicitly grants such access.

Contact Information

For further information, questions, or concerns about this Privacy Policy, please contact:

IronCloud LLC

• Email: privacy@ironcloudllm.com
• Website: https://ironcloudllm.com