Layered security for AI-built apps

AppDeploy is designed to isolate apps, scope data access, and protect user data with multiple controls working together: tenant boundaries, short-lived credentials, sandboxed execution, encryption, and operational safeguards.

Last updated: April 6, 2026

For a deeper walkthrough, read our security blog post.

Trust overview

This page summarizes the core platform controls and operating assumptions most often reviewed before production use.

Data processing agreement: Available
Primary data storage and runtime region: us-east-1 (N. Virginia)
CDN / edge delivery: May use global edge locations for content delivery.
Public app links: Deployment URLs are random and non-sequential, but anyone with the link can access the app unless the app adds authentication and authorization, which are built-in capabilities in the AppDeploy SDK.
Log and backup retention: Build logs up to 30 days, security and access logs up to 90 days, backups up to 30 days after deletion. For more information see the Privacy Policy.
Sensitive / unsupported data: Do not submit secrets, payment card data, government IDs, or PHI/ePHI. No HIPAA workloads without a written BAA. For more information see the Privacy Policy.
Operational staff access: Operational access is limited to authorized personnel under least-privilege controls for support, security, and reliability.
Security reporting: security@appdeploy.ai

Shared responsibility

AppDeploy secures the platform and hosting environment. You remain responsible for app-level authentication, authorization, user permissions, and deciding what data your app collects or stores.

Platform protections

  • Infrastructure security and hosted runtime controls.
  • App isolation, scoped access, and sandboxed execution.
  • Credential handling, encryption, monitoring, and recovery practices.

What you still control

  • Who can sign in and what each user can access.
  • App-level privacy choices, retention decisions, and sensitive data handling.
  • Whether a deployed app remains public or adds its own authentication.

Security at a glance

These controls are designed to work together on every request rather than relying on one barrier.

Tenant isolation

Each app is kept in its own scope, so another AppDeploy app cannot read your app's files, database records, or internal messages through normal platform paths.

Short-lived credentials

Tenant-scoped access uses temporary credentials generated for a specific app and operation, which limits the window in which an exposed credential can be reused.

Sandboxed execution

Backend code runs in a constrained sandbox with limited filesystem and runtime access, helping contain buggy or malicious code within its app boundary.

Policy-enforced boundaries

Separation is enforced at the infrastructure level as well as in application logic, so storage and shared data access remain tenant-scoped by policy.

Secrets handling guidance

Secrets, API keys, payment card data, government IDs, and other restricted data should not be placed in prompts or project files.

Encryption and operations

AppDeploy uses TLS in transit, encryption at rest where supported, least-privilege internal access, and operational monitoring and recovery practices.

Frequently asked questions

Short answers to the security questions people typically ask before shipping production apps.

What are AppDeploy's core security controls?

AppDeploy uses layered controls including tenant isolation, short-lived credentials, sandboxed execution, encryption in transit, encrypted storage where supported, and infrastructure-level policy enforcement.
For more detail, see How AppDeploy protects app and user data.

Can I deploy sensitive or regulated data?

Do not submit secrets, payment card data, government IDs, or other restricted data in prompts, project files, or messages.
AppDeploy does not support HIPAA workloads and should not be used for PHI or ePHI unless agreed separately in writing under a BAA.

How long are logs and backups retained?

Build logs are retained for up to 30 days, security and access logs for up to 90 days, and backups for up to 30 days after deletion on a rolling basis for disaster recovery.

Are deployed app links private?

No. Deployment URLs are random and non-sequential, but anyone with the link can access the app unless the app adds authentication and authorization, which are built-in capabilities in the AppDeploy SDK.

What stops one AppDeploy app from reading another app's data?

AppDeploy combines tenant-scoped data paths with infrastructure-level policy enforcement. In practice, storage access, shared database access, and internal service paths are designed to stay within the current app's scope.

Can AppDeploy staff access my app data?

Operational access is intended to be limited to authorized personnel under least-privilege controls for support, security, and reliability purposes.
AppDeploy's platform controls are designed to keep tenant data scoped, but internal operational access is a separate matter from end-user access inside your app, which your app's own authentication and authorization govern.

Subprocessors

AppDeploy uses a short list of infrastructure and authentication providers to operate the platform.

These providers are limited to hosting/CDN and optional authentication services used to operate the platform.

Provider: Amazon Web Services (AWS)
Service / function: Hosting, storage, runtime execution, logging, and CDN delivery
Region: us-east-1 (primary); global edge locations for CDN delivery

Provider: Google LLC (Firebase Authentication)
Service / function: Optional sign-in and identity verification
Region: United States

Provider: X Corp.
Service / function: Optional X OAuth sign-in
Region: United States

For the authoritative and current list, see Subprocessors.

Questions about security or data handling? Review the Privacy Policy, DPA, or email security@appdeploy.ai.