Security & Trust

Your data,
your control

GIS Cloud AI is built so you stay in control of your data at every step. ISO 27001 certified, with AI that proposes and never acts without your confirmation.

DNV ISO/IEC 27001 Information Security Management System certified

ISO 27001
certified

GIS Cloud has been ISO 27001 certified since November 2025. Your data is handled under an audited, internationally recognized standard. It's the same bar enterprise and government procurement teams require.

AI you can trust with your data

  • You confirm everything. AI proposes values and actions; nothing is saved until you approve it.
  • Your control. AI isn't switched off, but you control how others may use it on data you've shared with them. As the data owner, you decide whether third parties can run AI read or write operations on your shared data. This applies both to AI used over MCP (Claude, ChatGPT) and to Mobile Data Collection.
  • No surprises. AI works only on data you've already added to your account; it doesn't reach out and pull external data on its own.

Connecting your own AI, safely

When you connect an external AI client like Claude or ChatGPT through MCP, access is private by default.

  • You authorize what it can reach, per resource.
  • Write and destructive actions are gated and require confirmation.
  • A "Control AI access to your shared data" toggle in My Account puts shared-data access on explicit opt-in.

Choose where your data lives

You decide the region your data is stored in, and it stays there.

  • EU and Australia regions available as optional alternatives, so you can keep data in your jurisdiction.
  • US by default, hosted on AWS.
  • On-premises deployment available for organizations with stricter requirements.

Access & encryption

Access is scoped to the people you authorize, and your data is encrypted in transit.

  • Role-based permissions. Grant each person only the access their role needs.
  • Organization-level controls. Manage members and access centrally from one account.
  • Encrypted in transit. Your data is protected as it moves between you and our servers.

FAQ

Questions procurement asks

Does GIS Cloud AI use my data to train models?
No. We do not train models on your data, and our AI provider, Anthropic, is contractually prohibited from training on it under our commercial agreement. Your inputs and outputs are treated as confidential, processed only to fulfil your request, and retained by Anthropic for a maximum of 30 days for security and abuse-prevention before deletion. A Data Processing Agreement is available on request. See also our Terms of use and Privacy policy.
When AI processes my data, where does it go and who can see it?
When you use AI features, the relevant data is sent to our AI provider, Anthropic, only to generate your response, then returned to you. It is not sold or shared with any other party, and it is not used to train models. Your content is treated as confidential under our agreement with Anthropic.
When I connect Claude or ChatGPT over MCP, who can see my data?
Access is private by default. You authorise each client per resource, write and destructive actions require explicit confirmation, and shared-data access is an opt-in toggle in My Account. No client reaches anything you have not granted.
Can I control who uses AI on my data?
Yes. AI is always available, but you decide whether third parties can run AI read or write operations on data you have shared with them. As the data owner you hold that switch, and it applies both to AI over MCP (Claude, ChatGPT) and to Mobile Data Collection.
Where is my data stored?
On AWS in the US by default, with EU and Australia regions available as alternatives. On-premises deployment is also available for organisations with stricter requirements.
Is a Data Processing Agreement available? Are you GDPR-compliant?
Yes. We provide a DPA on request and process personal data in line with GDPR. GIS Cloud operates EU entities and is ISO 27001 certified.
Can I delete my data, and what happens if I cancel?
You can delete your data at any time from your account.
Can GIS Cloud staff access my data?
Access is restricted to authorised personnel under our ISO 27001 controls, only when needed to operate or support the service.

Talk to our team

Get the security detail your procurement review needs, or read how GIS Cloud AI works.