Trust Center

Enterprise AI, with control built in.Edrak is the governance layer between your organization and leading AI models. It is designed to help teams adopt AI confidently, while keeping data ownership, access control, and oversight where they belong: with the customer.
Trust at a glance
Your data stays yoursCustomer data, prompts, uploaded files, and outputs remain under the customer's control. Edrak does not claim ownership over customer data.
No training on your dataEdrak does not use customer data or outputs to train, fine-tune, or improve Edrak models or third-party AI models.
Built for governed useEdrak provides administrative controls, role-based access, workspace-level separation, and visibility into usage so organizations can manage AI in a structured way.
Security by designEdrak applies technical, administrative, and physical safeguards designed to protect customer data, including encryption in transit and at rest, access controls, and audit-oriented controls.
Saudi-first, enterprise-readyUnless otherwise agreed, Edrak's default hosting position is Saudi Arabia, with other hosting options available subject to operational and legal requirements.
How Edrak worksEdrak acts as a controlled layer between your organization and supported AI providers.Your organization → Edrak → AI modelsThat structure matters for three reasons:
ControlRequests pass through a managed enterprise environment rather than unmanaged individual use.
VisibilityOrganizations can apply governance, permissions, and oversight at the workspace level.
ConsistencyTeams can access multiple supported models through one controlled platform.
Our commitments1. Ownership and controlWe believe enterprise customers should retain control over their business data.
  • Customer data remains the customer's.
  • Outputs generated for the customer belong to the customer, subject to applicable law and third-party rights.
  • Customers control who can access the workspace and how the service is used internally.
  • Customers may request export or deletion in line with contract terms, legal requirements, and system constraints.
2. Limited use of customer dataEdrak processes customer data only as needed to provide, secure, support, and administer the service.
  • We do not use customer data for advertising.
  • We do not sell customer data.
  • We do not use customer data to build competing models or improve foundation models.
  • Where third-party model providers are used, data is transmitted only to deliver the requested functionality.
3. Security and access managementEdrak is designed with layered safeguards to reduce unauthorized access and misuse.
  • Encryption in transit and at rest
  • Role-based access controls
  • Workspace-level segregation
  • Administrative visibility into usage and activity
  • Audit-oriented logging and monitoring
  • SSO support where offered
4. Regional and legal alignmentEdrak is designed for organizations operating in Saudi Arabia and beyond.
  • Saudi-first hosting position by default
  • Alignment with applicable Saudi data protection requirements
  • Contractual support through enterprise terms, including privacy and data handling commitments
  • Additional regional hosting options may be available upon request
Security overviewEdrak applies commercially reasonable safeguards designed to protect customer data against unauthorized access, use, disclosure, alteration, or destruction.Security measures may include:
  • Encryption of data in transit
  • Encryption of data at rest
  • Role-based access controls
  • Logging and monitoring
  • Secure API-based integrations with supported providers
  • Internal access restrictions based on business need
  • Subprocessor controls through written contractual obligations
For enterprise customers with advanced requirements, Edrak may make additional documentation available under appropriate confidentiality controls.Privacy overviewPrivacy is not treated as a marketing feature. It is part of the service design.Edrak's privacy position is built around a few clear principles:
  • Customers retain ownership of their data
  • Customer data is not used for model training
  • Data is processed only to deliver and secure the service
  • Data retention is limited to what is needed for service delivery, security, legal obligations, and backup cycles
  • Customers remain responsible for ensuring that their own use of the platform complies with the laws and regulations applicable to them
AI provider integrationsEdrak supports access to selected third-party AI providers through the platform.When a customer chooses to use those integrations:
  • Edrak acts as the intermediary platform
  • Customer data may be transmitted to the relevant provider only to generate the requested response
  • Edrak seeks contractual protections appropriate to the service design
  • Third-party providers remain subject to their own technical and service limitations
This allows organizations to centralize control and governance, even where underlying model providers differ.Data lifecycleEdrak is designed to support a controlled data lifecycle.
  • During the subscription term, data may be retained as needed to provide the service
  • After termination, customer data may be retained for a limited retrieval or export window
  • Thereafter, data is deleted or anonymized, except where longer retention is required for law, legal hold, billing, fraud prevention, security, or backup cycles
  • Residual backup copies are deleted in the ordinary backup cycle
Responsible platform operationEdrak is designed to support responsible enterprise use of AI.That includes:
  • Platform safeguards against misuse and abuse
  • Restrictions on attempts to bypass safeguards, conduct unauthorized security testing, or use the service to build competing AI systems
  • Customer responsibility for reviewing outputs before relying on them in legal, regulatory, financial, or other high-impact contexts
  • Enforcement actions where needed to protect service integrity, customers, and legal compliance
Documentation and resourcesLearn more through the following pages and materials:
  • Security
  • Privacy
  • Responsible AI
  • Compliance
  • Privacy Policy
ContactFor enterprise trust, privacy, or security questions:Security: security@edrak.com
Privacy: privacy@edrak.com