Last updated June 2026
Trust Center
Trust is earned through transparency. This page documents how OmniTwin handles your data, protects your privacy, and operates with accountability at every layer.
Our Principles
Everything we build at OmniTwin is guided by a simple set of principles around how we handle infrastructure data:
- Your data is yours. We never sell, share, or monetize customer data. Your network topology, configurations, and operational data belong to you.
- Least privilege by default. Every component, agent, and service in OmniTwin operates with the minimum permissions necessary to perform its function.
- Transparency over obscurity. Every agent action, every data access, and every configuration change is logged and auditable. There are no hidden operations.
- Privacy by design. Data minimization is built into our architecture. We collect only what is necessary to operate the platform and deliver value.
Data Privacy
OmniTwin processes network infrastructure data that can include IP addresses, hostnames, device identifiers, and topology information. We treat all of this data as confidential.
- Data minimization: We only collect and process data that is directly necessary for the operation of the digital twin and associated agent workflows. We do not harvest metadata for analytics, advertising, or any secondary purpose.
- Retention: Customer infrastructure data is retained only while the account is active. Upon account termination, all customer data is permanently deleted within 30 days, with cryptographic verification of deletion available upon request.
- Anonymization: Any data used for internal system improvement (performance optimization, error detection) is fully anonymized and aggregated before processing. Individual customer data is never used in aggregate analytics without explicit consent.
- Cross-tenant isolation: Multi-tenant environments enforce strict data isolation at the database, network, and application layers. No customer can access, query, or infer another customer's data.
Data Ownership
Your infrastructure data remains your intellectual property at all times.
- Export: All customer data can be exported at any time in standard, machine-readable formats (JSON, CSV, YAML). There are no proprietary lock-in formats.
- Portability: We provide complete data portability tools so you can migrate your configuration intent, topology data, and audit history to any system of your choice.
- No training on customer data: OmniTwin's AI agents are not trained on customer data. Agent models are trained on publicly available networking standards, RFCs, and vendor documentation. Your network topology never enters a training pipeline.
- Contractual commitment: Data ownership rights are explicitly codified in our Terms of Service and reinforced in our Data Processing Agreement. These are not marketing statements; they are legal obligations.
Operational Transparency
We believe infrastructure operators should have complete visibility into what any platform is doing with their data and on their behalf.
- Agent action logs: Every action taken by an OmniTwin agent is logged with full context: what changed, why it changed, who (or what) initiated the change, and when. These logs are immutable and accessible to all authorized users.
- Status page: We maintain a public status page with real-time and historical uptime data for all OmniTwin services. Incident communication follows a defined protocol with proactive customer notification.
- Changelog: All platform changes, including security patches, feature updates, and infrastructure modifications, are documented in a publicly accessible changelog.
- Security advisories: When security-relevant changes affect customers, we issue security advisories with clear descriptions, impact assessments, and recommended actions.
Responsible AI Agents
OmniTwin's autonomous agents manage critical network infrastructure. We take the responsibility of autonomous decision-making seriously.
- Human-in-the-loop: For destructive or high-impact operations (deleting records, modifying production routing, changing security boundaries), agents require explicit human approval before executing. Autonomous reconciliation is limited to safe, reversible operations by default.
- Explainability: Every agent decision includes a human-readable explanation of its reasoning. Agents do not take opaque actions. The "why" is always available alongside the "what."
- Bounded autonomy: Agents operate within strictly defined policy boundaries set by your team. An agent cannot escalate its own permissions, expand its operational scope, or override safety constraints.
- Rollback capability: All agent-initiated changes can be rolled back to any previous state. The digital twin maintains a complete history of states, enabling point-in-time recovery.
- No external data sharing: Agents operate entirely within your OmniTwin environment. They do not send data to external services, third-party APIs, or cloud-based inference endpoints unless explicitly configured by your team.
Business Continuity
Network infrastructure management is a critical service. Our business continuity and disaster recovery plans are designed to ensure continuous availability.
- Uptime SLA: We target 99.95% availability for all production services, backed by service-level agreements with financial remedies for downtime.
- Disaster recovery: Full platform recovery from a regional failure can be completed within 4 hours (RTO). Data loss in a disaster scenario is limited to no more than 1 hour of data (RPO).
- Backup strategy: Automated backups run every hour with point-in-time recovery capability. Backups are stored in geographically separate regions from production data.
- Failover: Critical services run in active-active or active-passive configurations across availability zones. Automated failover triggers within 60 seconds of detecting a primary failure.
- DR testing: Full disaster recovery drills are conducted quarterly. Results and lessons learned are documented and used to improve recovery procedures.
Subprocessors
OmniTwin uses a limited number of third-party subprocessors to deliver the platform. Each subprocessor is evaluated for security and compliance before engagement, and reviewed annually.
| Subprocessor | Purpose | Location |
|---|---|---|
| Cloud Infrastructure Provider | Hosting, compute, and storage | US / EU |
| Transactional Email Provider | System notifications and alerts | US |
| Error Monitoring Service | Application error tracking | US |
| Payment Processor | Subscription billing | US |
Customers are notified at least 30 days in advance of any new subprocessor addition. The full subprocessor list with entity names is available in our Data Processing Agreement.
Contact Our Trust Team
Have questions about how we handle your data, our compliance program, or our security practices? We are here to help.
- General trust inquiries: Contact form
- Security incidents: security@kortesalabs.com
- DPA and compliance docs: Contact form
- Vendor assessment requests: Contact form
We respond to all trust and security inquiries within 1 business day.