Skip to content
Data security is everything to us

Your data is handled with care

As a Vahti user, you always know where your data is, who has access to it and how it is used — with no ambiguity.

Get startedRequest a demonstration
Hero photos Hubspot-4

Vahti focuses on security — not your business data

What does Vahti do?

  • Analyzes security settings and events
  • Identifies risks and anomalies
  • Clearly shows what should be fixed

What Vahti does not do?

  • Does not read your emails
  • Does not access the content of your documents
  • Does not make changes to your Microsoft 365 configuration

Where is the data stored and who controls it?

All customer data is processed and stored within the EU/EEA. Data is isolated per customer and is never combined with data from other customers.

You decide what Vahti has access to and which integrations are used. You can manage permissions and revoke access at any time. When your subscription ends, your data is deleted.

What data does Vahti use and how is it used?

Vahti uses data only to deliver the service. We do not use customer data for other purposes or share it without a valid reason.

Vahti’s analysis is based on security-related metadata from your Microsoft 365 environment. In practice, this includes data such as sign-in activity, access permissions, application consents and security settings — not the content of emails or files.

  • Access is limited to the minimum required (least privilege)
  • Data is used only to identify security risks
  • All actions are traceable and auditable

Your data is protected throughout its lifecycle

All data is encrypted in transit

Data is stored encrypted

Access to data is restricted and monitored

Artificial intelligence in Vahti

AI helps you understand the impact of security risks on your business — but it does not make decisions.

All risk findings and recommended actions are always based on rules-based analysis — not AI judgment. This ensures that Vahti’s recommendations are grounded in real findings and risks that can be traced and verified.

 
 
 

What does AI do?

  • Explains security risks in clear language and answers your questions
  • Helps you understand the business impact of risks
  • Suggests next steps

What AI does not do?

  • Does not identify or generate risks
  • Does not determine the severity of risks
  • Does not operate without rules-based analysis

Agreements and data protection

Using Vahti is based on clear and transparent agreements.