Witboost Security & Trust Center
Your data security is our top priority.
Witboost is an enterprise platform for Data Product lifecycle management, governance, and AI orchestration. We understand that data is one of your most valuable assets — that's why security, privacy, and compliance are built into every layer of the platform.
This Trust Center provides transparency into how we protect your data, meet regulatory requirements, and maintain the highest standards of operational security.
At a Glance
Platform Security
Witboost is a control-plane platform — it manages metadata, governance policies, templates, and deployment descriptors. It does not ingest, store, process, or serve end-user data. Your actual data stays in your own infrastructure.
Data Privacy
GDPR-compliant by design. All processing occurs within the customer's environment. Agile Lab is headquartered in Italy (EU) and all personnel operate exclusively within the EU/EEA.
Compliance
Integrated Management System aligned with ISO 27001, SOC 2, and GDPR. Regular third-party penetration testing and security audits.
AI Governance
AI features are optional and disabled by default. When enabled, all LLM calls route through the customer's own AI service — never through Agile Lab infrastructure. Every AI suggestion requires explicit human approval.
Deployment
Fully on-premises or private cloud deployment on Kubernetes. No Agile Lab-hosted infrastructure required. Can operate in completely air-gapped environments.
Access Control
Role-Based Access Control (RBAC) integrated with your identity provider (Entra ID, Okta, Keycloak). Least-privilege principle enforced. All access auditable.
Key Principles
| Principle | How Witboost Implements It |
|---|---|
| Data never leaves your perimeter | Witboost runs in your infrastructure. No phone-home, no telemetry, no outbound data transfers. |
| Metadata only | The platform handles schemas, policies, lineage, and contracts — never your actual data content. |
| Customer-controlled | You own the deployment, the identity provider, the encryption keys, and every access decision. |
| EU-headquartered | Agile Lab S.r.l. is based in Milan, Italy. All development and support occurs within the EU/EEA. |
| Privacy by Design | GDPR Article 25 principles are embedded in our development lifecycle. |
| Transparent | This Trust Center, our security handbook, and our compliance documentation are openly available. |
Company Information
| Legal Entity | Agile Lab S.r.l. |
| Headquarters | Via Alessandro Manzoni, 30 — 20121 Milano, Italy |
| VAT | IT 10963790018 |
| Data Protection Officer | Designated under GDPR Article 37 |
| Security Handbook | handbook.agilelab.it/Security.html |
| Privacy by Design | handbook.agilelab.it/C_privacybydesign.html |
Last updated: May 2026