Thank you for your interest in the Dify product. Dify takes your data security very seriously. Please refer to our [Privacy Policy].

What can be disclosed is that Dify's cloud service is located on US Azure, and only a very small number of authorized personnel can access user data after approval. In addition, our code is open source on GitHub. If you have concerns about the security of cloud services, you can use the self-deployed version.

As our product is still in its early stages, there may be some areas where we are not yet perfect, but we do plan to obtain SOC2 and ISO27001 certifications.

If you have any questions regarding commercialization, please contact business@dify.ai.

In the self-deployed version of Dify, there is only one instance where the Dify server is called - to check for updates via the API functionality. This must be triggered by an administrator in the backend. There are no other remote server technologies used, so you can use it safely.

If you still have concerns, you can protect your data through measures such as setting up firewalls.