# Security at Stakpak At Stakpak, we prioritize **your security and privacy**. We understand that your infrastructure configurations are sensitive, which is why we’ve built strict safeguards to ensure they’re handled responsibly. This section outlines how we protect your data when you use Stakpak to analyze, index, and interact with your infrastructure via our LLM-based solutions. #### **Data Security Practices** 1. **Encryption & Access Control** * All data transferred between your systems and Stakpak is encrypted in transit using **TLS** * Access to your configurations is restricted to Stakpak employees with a legitimate business need (e.g. help you resolve issues), enforced via role-based access control (RBAC) * We don't store your passwords, nor your Stakpak API keys in plain text * We use an encrypted secret vault to manage the secrets used to run our software, and this vault is encrypted with a key management system 2. **Data Minimization & Retention** * We process only the data required to provide our services, such as infrastructure definitions and configuration files * No raw credentials (e.g. API keys, secrets) are stored—Stakpak operates on *static analysis* of your configurations, never executing or deploying code directly from our servers (you shouldn't hardcode any secrets in your configuration files) * Data stored in our systems is retained only as long as needed for analysis or per your explicit consent. You can request deletion anytime through the support #### **How We Use Your Data** Stakpak’s analysis engine processes your configurations (e.g., Kubernetes files, Terraform code, Dockerfiles) to generate contextual insights and code suggestions. **We do NOT train AI models on your data without your permission**, and our systems are designed to **never execute untrusted code** on your behalf. #### **Contact Us** For security concerns, incidents, or detailed questions, report immediately to . We respond promptly to all inquiries. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://stakpak.gitbook.io/docs/references/security-at-stakpak.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.