Asimov was built for enterprise teams, with enterprise security enforcement. We understand that security is paramount when working with your organization’s most sensitive code and data.

If there is documentation or answers you require that aren’t covered below, please email our team and we will work through each of your questions: security@reflection.ai.

Data Collection and Storage

What data do we use and store

Asimov ingests and stores data from your connected integrations to build a comprehensive understanding of your codebase and development environment.

This can include:

  • Source code from connected repositories
  • GitHub discussions, issues, and pull requests
  • Teams conversations and channel history
  • Documentation and wiki content
  • Jira tickets and project management data
  • Any additional integrated tools and their associated data

Data storage and encryption

We implement industry-standard encryption protocols to ensure your data remains secure throughout its lifecycle within our systems.

PII and sensitive data handling

Asimov may encounter personally identifiable information (PII) present in your codebase, commit messages, or team communications. We treat all data with the highest level of security and do not process or extract PII for any purpose beyond providing Asimov’s core functionality.

LLM interactions and training

What gets sent to LLMs

When you interact with Asimov’s trial version, your queries and relevant context from your connected data sources are processed by our underlying language models to generate responses. This processing occurs within our secure infrastructure. For VPC deployments, the processing occurs within your architecture.

Training data usage

The models Asimov utilizes do not use your data for model training purposes. Your proprietary code, communications, and business data remains confidential and is never used to improve or train our language models.

Access Controls

RBAC: Asimov implements role-based access control to ensure appropriate access levels across your organization. We’re continuously developing our authorization framework to meet the diverse security needs of our enterprise clients.

Asimov currently has three user-roles:

  • Owner: Full control over the account including changing other owners.
  • Admin: Full access to all account settings, integrations and member management.
  • Member: Can access Asimov sessions and issue queries.

Integration data access

Can Asimov limit the data that certain users or roles have access to?

Currently, all data associated with the integrations set up by the account owner(s) and account admin(s) is accessible by all users on the account.

If you need additional information not covered above, please email us at security@reflection.ai and we will address each question.