Security & Data Handling
Last updated: July 2026
Open, auditable by design
The Semantica core engine is MIT-licensed and fully open source. There is no closed binary, no obfuscated logic, and no hidden data path — every line that builds a context graph, traces a decision, or records provenance is readable on GitHub.
Open-source library
The Semantica Python library does not transmit any data to our servers. All graph computation runs locally within your own environment — your data, your infrastructure. No telemetry is collected from library users unless you explicitly configure an integration that does so.
This website & waitlist
Waitlist signups (email address only) are stored in Cloudflare KV, scoped to this project. We collect minimal analytics and standard server logs — see the full breakdown in our Privacy Policy. We don't sell or share this data with third parties.
Hosted & Enterprise roadmap
Semantica Cloud (hosted/managed deployment) is not yet generally available. It's being built toward encryption at rest and in transit, VPC isolation, full audit trails, and SOC 2 readiness — these are engineering commitments for the hosted product, not certifications held today. We'll update this page with certification status as it's formally achieved.
Reporting a vulnerability
Found a security issue? Please report it privately rather than filing a public GitHub issue — email [email protected] with details and, if possible, steps to reproduce. We aim to acknowledge reports promptly and will credit responsible disclosures unless you prefer to stay anonymous.