Comment on page
What can be disclosed is that Dify's cloud service is located on US Azure, and only a very small number of authorized personnel can access user data after approval. In addition, our code is open source on GitHub. If you have concerns about the security of cloud services, you can use the self-deployed version.
As our product is still in its early stages, there may be some areas where we are not yet perfect, but we do plan to obtain SOC2 and ISO27001 certifications.
In the self-deployed version of Dify, there is only one instance where the Dify server is called - to check for updates via the API functionality. This must be triggered by an administrator in the backend. There are no other remote server technologies used, so you can use it safely.
If you still have concerns, you can protect your data through measures such as setting up firewalls.