Your Data, Your Rules: How SLIKWORKS Handles storage, privacy & GDPR

As more safety engineers explore how large language models (LLMs) can support their work, a number of questions come up again and again. Below, we've gathered the ones we hear most often about SLIKWORKS specifically, as well as other LLMs in safety engineering. Our aim is to give you clear answers so you can decide what's right for your team.

1. Does SLIKWORKS support EU GDPR compliance?

   
   

   Yes. SLIKWORKS is built to be GDPR-compliant out of the box, and we've designed our data handling so that you stay in control of your information at every step. Here's what that means in practice:

• You're in charge of your data. Under GDPR, SLIKWORKS operates as a "data processor" (Article 28, GDPR) - It will only handle data on your instructions, never for our own purposes.

• We don't train on your data. Your data is never used to train our machine learning models. The AI providers we work with (such as Anthropic and OpenAI) are contractually bound by the same rule.

• No personal data goes to the AI models. SLIKWORKS is designed in a way to filter out personally identifiable information (PII) before communication with an LLM.

• Everything is encrypted. Your data is protected both in transit (TLS) and at rest.

• You decide who has access. Only the admins you designate can view or edit your organization's data.

• Full transparency on sub-processors. We keep a complete list of every sub-processor we use, including AI providers and infrastructure vendors, available on request.

• We help you honor data subject rights. When someone exercises their right to access, correct, or erase their data, we support you in responding within GDPR timeframes.

2. Where is customer data being stored in SLIKWORKS?

Customer data lives in secure cloud infrastructure that SLIKWORKS manages, and anything that briefly passes through an AI model is automatically deleted afterward - never saved, never used for training. Here is the full picture

• Customer core data stays in managed cloud storage. All your data is held securely within SLIKWORKS-managed infrastructure (or a deployment environment you choose) for e.g. on AWS or Azure servers.

• You can choose where it's hosted. We support region-specific hosting to match your requirements. A German OEM, for instance, can keep all storage within the EU.

• AI analysis is the one exception, and it's temporary. For certain analyses, SLIKWORKS uses external AI services (Anthropic's Claude and OpenAI). Here's exactly what happens to your data in that case:

  
  

  • With Claude: We use Anthropic's standard inline API. Any data sent is held on Anthropic's servers for a maximum of 30 days and then automatically deleted (as of June 2026). For customers who need it, we can arrange zero-day retention. We deliberately avoid Anthropic's Files API, since that stores data for longer periods. Anthropic does not train its models on data sent through the API; the short-term storage exists only for their own safety and abuse monitoring.

    
    

  • With OpenAI: The setup is the same, data may be held on OpenAI's servers for up to 30 days before automatic deletion (as of June 2026). As with Anthropic, OpenAI does not train its models on data sent through the API.

In short:

• Your data lives in SLIKWORKS infrastructure (e.g. AWS or Azure).

• Anything that interacts with an AI model is stored only briefly on that provider's servers, then automatically deleted.

• The AI models are never trained on your data.

  
  

3. Will the LLMs used by SLIKWORKS train on my proprietary data?

   
   

   No. SLIKWORKS uses LLM APIs in a non-training mode, and we add our own architecture on top to keep your data isolated.

   • The AI providers don't train on it. Both Anthropic (Claude) and OpenAI contractually do not use data sent through their APIs to train their models.

   • Each request is independent, and the model has no memory between them. We enforce a stateless architecture. If the tool asks the LLM one question, then asks it a second, the model has no knowledge of the first question; it's forgotten the moment the answer comes back. Nothing carries over, accumulates, or builds a profile of your data. This is by design in how we use the APIs.

4. Can the LLMs used by SLIKWORKS overwrite my existing data?

   
   

   No. SLIKWORKS is built so that only a person can trigger the AI to write or change data; the model can never do it on its own.

   • Nothing is written without your action. The tool can't overwrite your data unless you take a deliberate step, such as clicking to confirm.

   • You can lock data down further. You can set custom rules, for example, locking certain fields once they've been approved, so that no other user can overwrite them either.

5. How does SLIKWORKS handle data security?

   
   

   We protect your data both while it's moving and while it's stored, and we keep every customer's data walled off from every other customer's.

   • In transit: All data is protected with TLS (HTTPS), so it's encrypted whenever it travels between you and SLIKWORKS.

   • At rest: Data sitting in our databases is encrypted, and access is tightly controlled. Only your designated admins decide who can view or edit your organization's data.

   • Your data is isolated from everyone else's. One customer can never see another's. OEM A cannot view OEM B's HARA, for instance, unless OEM A's own admin explicitly grants someone access.

   • It stays on our infrastructure. All persistent data lives only within SLIKWORKS -controlled infrastructure.