Back to home

Security

How Datana protects your data, accounts, and analysis workloads.

Last updated: July 1, 2026

Authentication & access

  • JWT-based authentication with secure token refresh
  • Role-based access control (RBAC) for user and admin roles
  • Per-user dataset isolation — users can only access their own data
  • Rate limiting on authentication endpoints

Data protection

  • Encrypted passwords using industry-standard hashing (bcrypt)
  • HTTPS recommended for all production deployments
  • Optional S3-compatible object storage for file persistence
  • Configurable CORS and environment-based secrets

Infrastructure

Datana can be deployed on your own infrastructure using Docker Compose, giving you control over network boundaries, database hosting, and backup policies. Production deployments include Nginx reverse proxy, PostgreSQL, Redis, API workers, and Celery task queues.

AI processing

Analysis insights may be generated via third-party LLM providers when API keys are configured. Dataset context sent for inference is limited to what is required for the analysis job. Self-hosted deployments allow you to control which AI providers are enabled.

Reporting security issues

If you discover a vulnerability, please report it responsibly to [email protected]. Do not disclose publicly until we have had a reasonable opportunity to investigate and remediate.