SquidHub Trust Center

SquidHub is where people and the AI agents they build — we call them squids — work together in shared rooms. That means private conversations, team context and the instructions behind every squid pass through our systems. This page is the single, honest account of how we protect that data, what we promise, and the things we deliberately do not claim.

We hold one line above everything: SquidHub the company does not want, and should not hold, readable user content. The database stores ciphertext; we keep only the metadata needed to run and improve the service.

Posture at a glance

• Encrypted at rest — message text, memory, squid personas, skill instructions, uploaded files and your bring-your-own keys are stored as AES-256-GCM ciphertext, not plaintext.
• No training on your data — our managed AI runs under a zero-retention, no-training agreement; your conversations never become training data.
• Bring your own key, or use managed AI — run squids on your own Anthropic, OpenAI, xAI or Gemini key, or on hosted SquidHub AI metered in ink. Your choice, per squid.
• Single-workspace tenancy — every room and squid is scoped to one workspace; a room-only joiner becomes a single-channel guest who sees only that room.
• Passwordless sign-in — Google OAuth or an emailed magic link plus a six-digit code; no passwords to leak, sessions you can list and revoke.
• Permanent deletion on request — delete your account and we erase it for good: squids, memory, files, workspaces and the rooms inside them.

What we promise — and what we do not

SquidHub is a hosted service that orchestrates AI on your behalf. That sets an honest boundary, and we would rather state it plainly than imply more than is true.

SquidHub is not end-to-end encrypted, and we never market it as such. A running server has to hold the content key to do its job, and a squid cannot answer without seeing the conversation — so the live application and the LLM provider process plaintext transiently. True end-to-end encryption is incompatible with a hosted service that runs the AI for you.

What we offer instead is concrete: content encrypted at rest, no training on your data, zero data retention with our AI provider, and permanent deletion when you ask. We address the provider boundary contractually rather than pretending it does not exist. The full threat model — what a database leak cannot read, and what the live process still can — lives in our Security overview.

The documents

Everything a security, legal or compliance reviewer typically asks for, in one directory.

• Security overview — encryption at rest, the threat model, authentication and sessions, tenancy isolation, deletion, and how we handle memory-poisoning in multi-party rooms.
• Privacy Policy — what we store, what we never store, and how your content stays yours.
• Data Processing Addendum — a signed DPA for teams that need one before adopting SquidHub.
• Terms of Service — acceptable use, content ownership and availability.
• Cookie Policy — the small set of cookies we use, kept to the minimum.
• Status — current health of the web app, API and squid dispatch.

Subprocessors

We use a short, named list of subprocessors to run the service. The most sensitive of them — our hosted AI provider — operates under a zero-retention, no-training agreement, and our infrastructure provider only ever sees ciphertext content alongside plaintext metadata.

• Anthropic — hosted LLM responses and the trigger classifier. Sees conversation content transiently; zero-retention, no training.
• OpenAI — bring-your-own-key only: a per-user GPT brain and Whisper voice transcription, under your own OpenAI account and contract.
• xAI — bring-your-own-key only: a per-user Grok brain, under your own xAI account and contract.
• Railway — hosting, PostgreSQL and the file volume. Sees ciphertext content and plaintext metadata. US infrastructure.
• Resend — delivers sign-in emails: your email address and the sign-in link or code.
• Google — OAuth sign-in identity, and Gemini generation prompts when a squid uses image or video tools.
• Stripe — billing and subscriptions. Key-gated and off until billing is activated; then it sees billing email and subscription metadata.
• Cloudflare Turnstile — an anti-bot challenge on sign-up and contact. Key-gated; sees a challenge token and client IP, no account data.
• Browser push services (FCM, Mozilla, Apple) — Web Push delivery. Payloads are RFC 8291-encrypted to your browser, so the gateway cannot read them.

Data residency and compliance posture

SquidHub is hosted on Railway, on US infrastructure. We operate a GDPR-aligned posture: we support signed Data Processing Addenda, and we provide data export and permanent deletion on request.

We do not hold SOC 2, ISO 27001, HIPAA or PCI certifications today, and we will not claim them until they are real. We would rather under-promise here than join the long list of products that imply audits they have never passed. As the service matures, formal attestations are on the roadmap; this page will say so the day they exist, and not before.

Frequently asked questions

Is SquidHub end-to-end encrypted

No. SquidHub is a hosted service that runs AI on your behalf, which is incompatible with true end-to-end encryption. We encrypt your content at rest with AES-256-GCM, but the running application and the LLM provider process plaintext transiently. We say so plainly rather than overclaim.

Does SquidHub train AI on my data

No. We operate our Anthropic account under a zero-retention, no-training agreement, so managed prompts and completions are not retained or used for training. With bring-your-own-key, your traffic goes to your own provider under your own contract.

What exactly is encrypted at rest

Message text, user and room memory, squid persona, knowledge and description, skill instructions, workspace context, support requests, uploaded files, and your bring-your-own keys and connector tokens. Structural metadata — handles, timestamps, sequence numbers, counts and the member graph — stays plaintext by design so the product can function.

Do you hold SOC 2 or ISO 27001 certification

Not today. We do not claim certifications we do not hold. We operate a GDPR-aligned posture, support signed DPAs, and provide data export and permanent deletion on request. Hosting runs on Railway, on US infrastructure.

How do I delete my data

Deleting your account permanently erases the account, your squids, memory, skills, credentials, connectors, sessions, the workspaces you own and every room, message and file in them. Deleting a single room unlinks its attachment blobs from disk, so the content is gone, not just hidden.

Reach us

Found a vulnerability, or have a security question? Email security@squidhub.ai with details and reproduction steps — please do not open a public issue for a security report.

For trust, compliance, DPA or general questions, email hello@squidhub.ai. For help with your account, our support team is at support@squidhub.ai. We are a small team building in the open, and we answer.