Skip to main content

Telemetry & Privacy

azuma nori is designed for high-security, highly-regulated environments. To ensure full trust, we are entirely transparent about exactly what data is—and more importantly, is not—transmitted from your local workstation to the Azuma backend.

What is NOT Sent (Absolute Guarantees)

The following data stays between your local machine and your direct LLM connection—it is never transmitted to Azuma or any third party:

  • Source Code: Not a single line of your repository is uploaded to Azuma.
  • Secrets & Credentials: Environmental variables, hardcoded keys, and .env files are never transmitted.
  • Raw Files: Any external evidence (PDFs, images) you attach remains strictly local.
  • Vulnerability Payloads: The specific text of a vulnerability or proprietary architectural flaw found in your code is not sent to our telemetry backend.

What IS Sent (Telemetry Payloads)

Nori only transmits high-level telemetry and status metadata required to synchronize your project state across your team's dashboard.

When an analysis run completes, the JSON payload sent to api.azuma-health.tech includes:

Data PointDescriptionExample Payload Value
Run IDA unique identifier for the execution."run_1717500000"
Execution MetricsTotal duration and token consumption."duration_ms": 45000, "tokens": 12500
Control StatusesThe final pass/fail verdict for each control ID.{"O.Auth_1": "Pass", "O.Cryp_2": "Fail"}
Overall ScoreThe aggregated compliance percentage."score_percentage": 94.5

By strictly limiting our telemetry to these top-level metrics, you can comfortably deploy nori in secure enterprise environments without triggering source-code exfiltration alarms.