Question 1

Where does Sarvam store customer data?

Accepted Answer

In India, for Indian customers. Our managed production environment runs on Microsoft Azure's Central India region, and our LLM inference runs on sovereign GPU infrastructure operated by Yotta and NxtGen.  If your security posture demands more, we can deploy the entire stack inside your own VPC, an on-premises data centre, or an air-gapped environment with no external network dependency. We've run this pattern in production for UIDAI on bare-metal infrastructure.

Question 2

How is data encrypted at rest and in transit?

Accepted Answer

AES-256 at rest, TLS 1.2 or higher in transit. Every byte. That includes internal service-to-service traffic, and we enforce mTLS at integration boundaries.  If you'd rather hold the keys yourself, we support customer-managed keys (CMEK and BYOK), with rotation cadences and per-tenant isolation that you control.

Question 3

What deployment models do you support?

Accepted Answer

All of them. Managed SaaS on Azure Central India if you'd like us to operate the infrastructure. A single-tenant deployment in your own VPC on AWS, Azure, or GCP if you want isolation without owning the data centre. Fully on-premises if you do. Air-gapped if you need zero outbound network calls.  The platform is fully containerised on Kubernetes, provisioned with Terraform and Helm. The same artefacts deploy across all four targets, which means our security posture stays consistent wherever you run us.

Question 4

How is multi-tenant data isolated?

Accepted Answer

In our shared SaaS environment, tenants are logically separated using tenant-scoped JWT tokens, Azure VNet segmentation, and per-tenant database structures. Internal access is gated by RBAC with least-privilege defaults.  For customers who need physical separation, including banks, regulated enterprises, and government, we deploy single-tenant. And to be explicit: we do not use one customer's data to train or fine-tune models for any other customer. Ever.

Question 5

What's your data retention policy?

Accepted Answer

Whatever you need it to be. Retention is configurable per customer and per data category, covering audio, transcripts, and structured metadata. We support an ephemeral mode where data passes through our systems only for processing and is purged immediately afterwards.  At contract end, your data comes out of our primary systems and backups under our Data Record Retention and Deletion Policy. We'll send you a certificate of deletion when it's done.

Question 6

How does Sarvam handle PII?

Accepted Answer

We collect as little as we can. Customers can opt out of audio storage entirely. For data we do retain, sensitive fields are masked, hashed, or pseudonymised by default, and access is gated by RBAC with full audit logging.  We do not use your data, PII or otherwise, to improve models for anyone else. Custom model weights trained on your data stay in your environment, on your hardware.

Question 7

What is your incident response and breach notification commitment?

Accepted Answer

Two hours. If we discover a security or privacy incident that could affect your data, you hear from us within two hours of discovery, per our Breach Notification Plan.  Detection runs on Azure Monitor with Grafana dashboards. Response follows a documented Incident Management Policy that's part of our ISMS, with severity-based SLAs and a mandatory lessons-learned step after every incident.

Question 8

Do you conduct penetration tests and vulnerability assessments?

Accepted Answer

Yes. We run continuous code scanning across our private repositories, security testing in QA and staging before promotion, and we engage third parties for web application and API penetration tests. High and critical findings are tracked to closure before code reaches production. Executive summaries are available under mutual NDA.

Question 9

How is internal access to customer data restricted?

Accepted Answer

By default, no one has it. Production access is least-privilege and gated through SSO with MFA. Developers don't get standing access. Role assignments are reviewed on the cadence set out in our Access Control Policy, and every access event is logged for audit.  Every Sarvam employee passes background verification through SpringVerify before access is provisioned, signs a confidentiality agreement, and completes security and privacy training at onboarding with an annual refresh.

Question 10

How are Sarvam's AI models secured against misuse?

Accepted Answer

We train our foundational models from scratch on data we curate ourselves for quality and screen for sensitive content. At inference, we apply guardrails that enforce instruction adherence and screen for prompt injection, off-script behaviour, and hallucination.  Inputs and outputs are sanitised, sensitive-content filtering runs in both directions, and synthesised voices are restricted to those with explicit permission so they cannot be used to impersonate real people. Every model and prompt version is tracked with a full audit trail.

Question 11

What about business continuity and disaster recovery?

Accepted Answer

Encrypted backups run daily. Critical data replicates in real time. Production deployments span multiple availability zones and data centres with redundancy and failover, against RPO and RTO targets we agree with you upfront. Our BCP and DR plan is governed by our ISMS and exercised through tabletop scenarios.

Sarvam Trust Center

How we think about security

Secure by default.

Built for high-stakes environments.

Your data stays yours.

Honest about where we are.

Compliance

ISO 27001:2022

SOC 2 Type I

SOC 2 Type II

ISO 42001

India DPDP Act

RBI FREE-AI

MeitY Guidelines

CERT-In

Resources

ISO 27001:2022 Certificate

SOC 2 Type I Report

Penetration Test Summary

Information Security Policy

Data Processing Addendum

Responsible AI Framework

Privacy Policy

BCP and DR Plan

Incident Response Plan

Controls

Access Security

Network Security

Data Protection

Incident Response

Change Management

Vulnerability Management

Availability and Recovery

People and Organisation

AI and Model Security

Talk to our security team

Frequently asked questions