Skip to main content

Documentation Index

Fetch the complete documentation index at: https://workllm.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

WorkLLM is built for enterprise teams that require strong data boundaries, auditability, and control. Every organization on WorkLLM runs in a dedicated tenant environment — your data, users, and AI interactions are logically isolated from every other organization on the platform. This page explains the security model at a high level and where to find more detail on each topic.

Security pillars

Tenant isolation

Each organization runs in its own isolated environment. There is no shared data layer between organizations. Your threads, documents, memory, and settings are never accessible to other tenants.

Encryption

All data is encrypted at rest using AES-256 and in transit using TLS 1.2 or higher. Encryption is always on — there is no configuration required and no way to disable it.

No model training

Your data is never used to train or fine-tune AI models. Conversations, documents, and prompts you send through WorkLLM are not retained by AI providers for training purposes.

Access controls

Role-based access controls let you define exactly what each member can see and do. Admins, Members, and Viewers each have distinct permission sets that apply across all WorkLLM features.

Audit logging

Every significant action — logins, role changes, integration connections, agent runs, data exports — is recorded in a tamper-evident audit log accessible to Admins.

Encryption

WorkLLM encrypts your data at every layer:
  • At rest: All stored data — including conversations, uploaded documents, prompt templates, and memory — is encrypted using AES-256.
  • In transit: All communication between your browser or API client and WorkLLM’s servers uses TLS 1.2 or higher. Connections that don’t meet this standard are rejected.
No action is required on your part to enable encryption. It applies automatically to all plans.

No data used for AI training

WorkLLM does not use your data to train or improve AI models. This applies to:
  • Conversations and thread history
  • Documents you upload
  • Prompt templates and tools you create
  • Agent configurations and outputs
  • Memory stored at any layer (Thread, Project, Team, Personal, Organization)
WorkLLM’s contracts with AI providers include data processing agreements that prohibit the use of your data for model training.

Dedicated tenant architecture

When you create a WorkLLM organization, your environment is isolated from all other organizations on the platform. This means:
  • Your users, teams, and data are contained within your tenant
  • There is no shared database or storage between organizations
  • Access to your workspace requires authentication within your tenant
  • Admins in your organization cannot see data belonging to other tenants, and vice versa
This is different from multi-tenant SaaS architectures where a shared data layer separates tenants only by software-enforced rules. WorkLLM’s isolation is structural.

Single sign-on

WorkLLM supports Google SSO for all plans. Enterprise plans can configure SAML-based SSO with your identity provider. SSO lets you enforce authentication policies — such as MFA requirements — through your existing identity stack. See User Management for SSO configuration details.

Compliance

WorkLLM is pursuing SOC 2 Type II compliance. Enterprise customers can request access to compliance documentation and security questionnaire responses.
Compliance topicStatus
SOC 2 Type IIAvailable for enterprise plans
GDPRSupported — see Data Privacy
CCPASupported — see Data Privacy
Data residencyAvailable for enterprise plans

Security features by plan

FeatureStarterBusinessEnterprise
Encryption at rest and in transitYesYesYes
Dedicated tenant isolationYesYesYes
Role-based access (Admin, Member, Viewer)YesYesYes
Google SSOYesYesYes
Audit logsYesYes
Audit log export (CSV)YesYes
SAML SSOYes
Data residency optionsYes
SOC 2 compliance documentationYes
Bulk user importYes
Plan availability may change. Contact info@workllm.io to confirm current feature availability for your plan.

Security questionnaires and documentation

If your organization requires a security questionnaire, compliance documentation, or a data processing agreement (DPA), contact WorkLLM at info@workllm.io. You can also review WorkLLM’s public security posture at workllm.io/security.

More in this section

Data Privacy

What data WorkLLM stores, how long it’s retained, data residency options, and your rights as a data controller.

User Management

Roles and permissions, inviting members, SSO configuration, and revoking access.

Audit Logs

What WorkLLM logs, how to access and filter logs, and how to export them for compliance reporting.