Platform

Privacy & security

How we keep your conversations private — and what to watch for anyway.
← Platform

Basal and the rest of Luna’s agents run on Luna’s own infrastructure, not a third-party SaaS. That means the posture is ours to set. Here’s what’s in place today.

Your conversations are private

Each person gets their own dedicated agent instance with its own memory. Conversations are stored separately per user — your messages with Basal are not visible to other employees, and Basal can’t confuse your conversation with anyone else’s.

Zero Data Retention at the model layer

Basal uses Claude (Anthropic’s AI model) as the underlying language model. Luna’s Anthropic workspace has Zero Data Retention enabled. In plain terms: Anthropic does not log, store, or train on the messages you send through our API.

Luna-owned egress

All model calls flow through luna-ai-proxy, a Luna-owned service. That’s the only place API keys live. Individual agents never hold credentials, and request metadata is hashed before being sent to the AI Gateway — so the audit log shows that a request happened without exposing what was said.

Identity verification

Every message Basal receives is tied to a verified @lunadiabetes.com email address. In Slack, that’s enforced by HMAC-signed webhooks plus a users.info lookup before the message is ever dispatched to an agent. On this intranet, Cloudflare Access enforces it at the edge before any page loads. Anonymous access is not possible through either entry point.

The internal webhook hosts (slack., router., ai-proxy.nightluna.com) are gated by static bearer tokens today, with Cloudflare Access hardening planned as a follow-up. They’re not browseable.

Audit logging

All interactions are logged through Cloudflare’s AI Gateway for security and observability. The log captures request metadata — timing, cost, which agent responded — not message contents.

In addition, every Worker streams trace events to a private R2 bucket (luna-audit-log) at 100% sampling via Cloudflare Workers Logpush. That gives us a complete request-level audit trail without sending any data to a third-party logging vendor.

What not to send

Even with these controls in place, treat Basal as an internal productivity tool, not a cleared system for regulated data. Do not paste:

  • Protected health information (PHI) or patient identifiers.
  • Personally identifiable information of customers or trial participants.
  • Confidential third-party information under NDA.
  • Proprietary competitive intelligence you’ve been asked not to share.

Questions about whether something is safe to share with an agent? Ask [email protected].