A person standing between towering rocky cliffs, facing a glowing ring in the sky above clouds.

Data security overview

Transit

Data in transit

All data is transmitted over TLS-encrypted HTTPS connections. API requests are authenticated via Bearer tokens (API keys) validated on every call.

Rest

Data at rest — Ephemeral processing

Neuralk operates on a stateless, process-and-discard model:

Training and test data (feature matrices, labels)

Held in memory only for the duration of the inferencerequest. Once the prediction is returned, all data arrays are released from memory. No customer data is writtento disk or persisted in any database.

The API acts as an authenticated proxy:

data is forwarded to the inference engine, processed, and the resultsare returned in the same request cycle.

Storage

What we store

We store only operational metadata for billing, monitoring, and debugging purposes:

Stored

Request ID, Timestamp

Model name, latency

Credits consumed

HTTP Status Code

IP Address, user agent

Not stored

Training data (X_train, y-Train)

Test data (X_test)

Predictions / Probabilities

Raw request / response

Feature values or labels

See our Terms & Conditions for public API use.

Auth

Authentication & access control

API keys are hashed (SHA-256) before storage — raw keys are never persisted

// A. 01

Optional IP allowlisting per API key

// A. 02

Optional endpoint restrictions per API key

// A. 03

Daily request quotas and rate limiting enforced per key

// A. 04

Organization-level expiration and suspension controls Infrastructure

// A. 05

Hosted on Scaleway Kapsule, region fr-par (Paris, France, EU)

// A. 06

Internal service communication over private Kubernetes networking

// A. 07

No data leaves the EU infrastructure boundary during processing

// A. 08