Security & Privacy at ROQA AI

About ROQA AI

ROQA AI provides two products serving the UiPath ecosystem:

• ROQA MonA — Intelligent monitoring for UiPath automation estates. MonA ingests operational telemetry from UiPath Orchestrator (job status, queue metrics, resource utilization) and surfaces health insights. MonA does not use AI/LLM processing.
• ROQA AriA — A conversational interface over UiPath operational data. AriA uses Anthropic's Claude API to generate insights from UiPath execution data. When a user explicitly requests transaction-level analysis, AriA also retrieves bot execution logs and queue items from the customer's UiPath Orchestrator and sends them to Anthropic's Claude API — see the AI Processing section below for details.

Our customers are RPA service providers, UiPath license distributors, and automation Centers of Excellence — organizations who build, sell, or operate UiPath automation at scale.

Our Security Commitments

Data minimization. We collect only the operational telemetry required to deliver MonA and AriA by default. Transaction-level data (bot execution logs and queue items) is processed only when a user of AriA explicitly requests analysis of it.

Encryption in transit and at rest. All data is encrypted in transit via TLS 1.2+ and at rest using AES-256.

Access on a need-to-know basis. Production access is limited to authorized engineering personnel, protected by multi-factor authentication and logged.

No training on customer data. Customer data is never used to train or fine-tune any AI model — ours or any third party's. Anthropic's API, which powers AriA, operates under a zero-retention policy for API traffic per Anthropic's commercial terms.

EU data residency. All customer data is processed and stored in the European Union. LLM inference performed by Anthropic's API is subject to international transfer safeguards described in the Subprocessors section below.

Customer control over AI access to sensitive data. Customers can restrict which users are authorized to invoke AriA's transaction-level analysis feature, or disable the feature entirely.

Infrastructure

Application Security

• Authentication: Customer users authenticate via SSO.
• Authorization: Role-based access control enforced at the API layer. Includes granular permissions for AriA's transaction-level analysis feature.
• Secrets management: All credentials and API keys stored in a managed secrets vault; never committed to source control.
• Dependency scanning: Automated scanning of third-party dependencies for known vulnerabilities as part of CI/CD.
• Secure development: Code changes require peer review before merge; infrastructure changes tracked in version control.
• Penetration testing: Annual third-party penetration test of the production environment.

AI Processing & Anthropic (AriA only)

AriA uses Anthropic's Claude API to convert natural-language questions about your UiPath estate into operational answers. The following applies specifically to AriA.

Model routing

AriA uses multiple Claude models from Anthropic. Requests involving sensitive data analysis or multi-step reasoning are routed to Anthropic's more capable reasoning models, while lighter-weight tasks such as short conversational replies, formatting, and simple lookups are routed to faster, more efficient models. Routing is managed by AriA and is not user-selectable.

Data sent to Anthropic — baseline operational queries

For most AriA interactions, only the user's prompt and UiPath operational metadata (job names, statuses, timestamps, error messages) are sent to the model. No transaction-level content is sent in this mode.

Data sent to Anthropic — on-demand transaction-level analysis

When a user of AriA explicitly requests analysis of transaction-level detail, AriA retrieves the relevant UiPath bot execution logs and Orchestrator queue items from the customer's environment and sends them to Anthropic's Claude API for analysis. These payloads may contain personal data present in the customer's automation workflows — for example, names, identifiers, or addresses contained within queue item bodies.

Controls that apply to this mode:

• Explicit user action required. Transaction-level data is never sent to any LLM in the absence of a direct user request.
• Role-based access control. Customers can restrict which users are authorized to invoke transaction-level analysis.
• Feature-level disable. Customers may request that this feature be disabled entirely for their tenant. Once disabled, AriA will not retrieve bot logs or queue items and will reject user requests that require them.
• Audit trail. All AriA interactions, including invocations of transaction-level analysis, are recorded in customer-accessible activity logs.
• Model selection. Transaction-level analysis is always routed to Anthropic's more capable reasoning models to ensure the most rigorous analysis is applied to sensitive content.
• Zero retention. Anthropic does not retain these inputs or outputs for training, per their commercial terms.

Shared controls

• Transparency: Users of AriA are informed when they interact with an AI-generated response.
• Human oversight: AriA produces advisory and informational output; it does not autonomously execute changes to your UiPath environment.
• Anthropic certifications: Anthropic holds SOC 2 Type II and ISO 42001 certifications.
• Subprocessor status: ROQA AI treats Anthropic as a subprocessor under GDPR. International transfers are governed by Standard Contractual Clauses.

Customer responsibility

Because AriA's transaction-level analysis retrieves data already present in the customer's UiPath environment, the customer remains responsible for the legal basis under which that data is collected and processed. Customers should ensure that their use of AriA is consistent with their own data protection notices, lawful bases, and internal policies, and that their Authorized Users are appropriately restricted where transaction data contains sensitive personal data.

Compliance & Certifications

Security questionnaires. We maintain a pre-filled SIG Lite response for customer procurement teams. Request a copy at security@roqaai.com.

Subprocessors

We use a small number of subprocessors to operate ROQA AI. Each subprocessor is bound by a data processing agreement and appropriate safeguards.

We notify customers at least 30 days before adding new subprocessors. To subscribe to subprocessor change notifications, email security@roqaai.com.

Data Handling & Privacy

Customer data we process by default:

• UiPath Orchestrator operational telemetry (job metadata, queue metrics, resource IDs)
• User account information for ROQA AI access (name, email, role)
• AriA chat prompts and responses (transient — not used for training)

Customer data we process on user request:

• UiPath bot execution logs for specific transactions, retrieved from the customer's Orchestrator when an AriA user explicitly requests analysis.
• UiPath queue item contents for specific transactions, retrieved and sent to Anthropic's Claude API for analysis when an AriA user explicitly requests it. These payloads may contain personal data present in the customer's automation workflows.

Customer data we do not process:

• Screenshots or recordings of bot execution
• Attachments, documents, or files referenced by queue items (only the queue item content itself is accessed, not linked files)

Data retention: Operational telemetry is retained for 30 days by default, configurable by the customer. AriA chat context is retained for 1 hour idle or 10 messages. AriA generated files are ephemeral, with a maximum retention period of 24 hours. Transaction-level payloads retrieved for on-demand analysis are not persisted in ROQA AI's systems beyond the duration of the user's analysis session.

Data deletion: On termination of a customer agreement, all customer data is deleted within 30 days, or exported at customer request.

Data subject rights: As a GDPR processor, ROQA AI supports customer requests to access, correct, or delete personal data of their end users. Requests can be made to privacy@roqaai.com.

Incident Response

ROQA AI maintains a documented incident response plan covering detection, containment, eradication, recovery, and post-incident review. In the event of a security incident involving customer data:

• Notification: Affected customers are notified without undue delay, and within 72 hours of confirmation at the latest.
• Communication: Updates are provided to a designated customer contact via email until resolution.
• Post-incident: A written post-mortem is provided to affected customers within 30 days.

Report a suspected vulnerability or incident: security@roqaai.com

Business Continuity

• Uptime target: 99.5% monthly for production services.
• Backups: Automated daily, encrypted, retained for 35 days.
• Disaster recovery testing: Annual.

Legal Entity

SYNC DEV AUTOMATIONS SRL
11 Frunzei St., Galati, Galati, Romania
RO41565673
Romania

Contact