Privacy and Security in Gale: AI Agent & Summaries

At Tomorrow.io, we recognize that trust and data integrity are essential. Gale, our AI-powered weather agent, is designed with strict privacy, security, and access control standards. This article outlines how your data is protected when using Gale Agent or Gale Summaries.

1. Our Commitment to Privacy and Security

We are committed to protecting customer data across all aspects of Gale’s design. Key principles include:

• No passwords or authentication data are stored or accessed by Gale.

• Personally identifiable information (PII) such as names, emails, and phone numbers is securely stored and never exposed outside your account.

• No cross-account access is possible. Each customer’s data is isolated.

• All access is governed by token-based authorization and role-based controls (RBAC).

2. Overview of Gale

Gale is Tomorrow.io’s in-product AI agent, designed to enhance weather-related operations through chat-based interaction.

Capabilities include:

• Conversational access to real-time weather insights based on your account configuration (locations, thresholds, alert rules).

• Natural language commands to create insights, locations, and more.

• Scoped access to only what the logged-in user is authorized to see.

• Organizational context from uploaded documents, securely stored and only used within the account.

Note: Gale does not operate autonomously. It only responds to user input and follows the permissions of the logged-in user.

3. Architecture & Deployment

• Cloud Infrastructure: Gale is hosted on Azure and Google Cloud.

  • Models are deployed on self-managed Azure infrastructure.

  • Application services run in GCP and access models via secured IP/VPC authorization.

• Model Deployment:

  • Models like GPT are hosted in isolated, private environments.

  • Input/output filtering and strict access policies are enforced.

• Data Isolation:

  • Each customer has a dedicated namespace for contextual data (vector embeddings, uploaded documents).

  • LLMs do not directly access customer databases. All context is orchestrated with strict controls.

4. Data Storage and Access Control

Data Categories

• Personal Data: User names, emails, and contact info (stored in MongoDB).

• Operational Data: Saved locations, alert rules, and system configurations (MongoDB, PostgreSQL).

• Embedded Documents: Customer-uploaded files used to enhance Gale responses (stored in Azure-based vector DB).

Access Control

• Access is token-based and scoped to the user’s permissions.

• Role-based logic determines read/write access.

• Gale never exceeds the access of the initiating user.

Logging and Auditing

• Every interaction with Gale is logged with accountID and userID.

• Logs are stored privately and are not used to train the model.

• Questions and responses are never stored in or fed back into any model.

• System logs are audited internally to monitor usage and improve performance.

5. Compliance and Governance

Tomorrow.io complies with major privacy and security frameworks, including:

• SOC 2 Type II audited annually

• GDPR-aligned data residency and processing standards

• Tenant isolation, least-privilege access, and Privacy-by-Design principles applied at all layers

Summary

Gale is designed to deliver intelligent, AI-powered weather support while meeting Tomorrow.io’s highest standards for security, privacy, and operational integrity. Whether using Gale Agent for weather queries or reading Gale Summaries in reports, you can trust that your data is fully protected, scoped, and never shared.

For more questions or assistance, please contact your Account Team or support@tomorrow.io.