Frequently Asked Questions

Quick answers to common questions about Noxys.

What is Noxys?

Noxys is the first European sovereign AI Firewall. It provides:

  1. Shadow AI Discovery: See which AI platforms your employees are using
  2. Data Loss Prevention (DLP): Block or warn when sensitive data (PII, financial info) is shared with AI services
  3. Policy Enforcement: Create rules like "block all ChatGPT in Finance" or "coach on high-risk interactions"
  4. EU AI Act Compliance: Map your AI usage against regulatory requirements
  5. Zero US Cloud: All data stays in Europe

The core insight: Most organizations have no visibility into AI usage. Noxys fixes that.

How does Noxys differ from competitors?
FeatureNoxysCompetitors
Sovereign (EU only)❌ (US-based)
Browser extension✅ (MV3)✅ (some)
No proxy needed❌ (proxy only)
PII detection✅ (Tier 1-2)
Policy engine
15+ platforms
EU AI Act roadmap⏳ (future)
Self-hosted option❌ (SaaS only)

Key differentiators:

  • Sovereign by design: No US cloud ever
  • Privacy by default: Raw prompts never stored
  • Transparent pricing: €8-25/user, no seat minimums
  • Open-source roadmap: Core components going open-source in v1.0

What AI platforms does Noxys monitor?

Current support (15 platforms):

  1. ChatGPT (OpenAI)
  2. Claude (Anthropic)
  3. Google Gemini
  4. DeepSeek
  5. Perplexity
  6. Mistral
  7. Microsoft Copilot
  8. Poe
  9. HuggingChat
  10. Grok (X AI)
  11. Mammouth AI
  12. TypingMind
  13. OpenRouter
  14. Windsurf (Codeium)
  15. Cursor

Coming soon (v0.2):

  • GitHub Copilot Chat
  • VS Code Copilot (via IDE plugin)
  • JetBrains AI Assistant
  • Ollama (local)

How does Noxys work (simple version)?

  1. The browser extension watches for AI usage
  2. When you type in ChatGPT, the extension detects it
  3. The extension hashes your message and sends the hash + metadata to the Noxys backend
  4. The backend checks policies ("Is this allowed?")
  5. If blocked, the extension prevents submission; if coached, it shows a warning
  6. All activity is logged for your dashboard

The raw message is never sent, only its SHA-256 hash.


Deployment & Setup

How do I install Noxys?

Three options:

  1. Cloud (SaaS): Sign up at noxys.cloud, install browser extension (5 minutes)
  2. Self-hosted (Docker Compose): make docker-up on your server (30 minutes)
  3. Self-hosted (Kubernetes): Helm chart with multi-region HA (custom deployment)

See Getting Started for step-by-step instructions.

Do I need a proxy or VPN?

No. Noxys works entirely in the browser using the WebExtensions API. No MITM proxy, no system certificate, no VPN integration required.

This is a major advantage:

  • ✅ Easier to deploy (no IT infrastructure changes)
  • ✅ Works with bring-your-own-device (BYOD)
  • ✅ No corporate certificate interception drama
  • ✅ Lower latency (no proxy hop)

What browsers are supported?

  • Chrome 90+ ✅
  • Edge 90+ ✅
  • Firefox 88+ ✅
  • Brave 1.40+ ✅
  • Opera 76+ ⏳ (community-supported)
  • Safari ❌ (coming in v1.0)
  • Mobile browsers ❌ (coming in v1.5)

Can I self-host?

Yes. Full self-hosting supported:

  • Docker Compose (development or small deployment)
  • Kubernetes + Helm (enterprise, multi-region)
  • On-premise only (zero cloud)

Data never leaves your infrastructure. See Self-Hosted Deployment.

How much does it cost?

| Plan | Price | Users | Features |
| --- | --- | --- | --- |
| Free | €0/month | ≤10 | Basic monitoring, 30-day retention |
| Starter | €8/user/month | ≤50 | Webhooks, Tier 2 classification, 90-day retention |
| Business | €15/user/month | ≤500 | Policies, SSO, audit log, 1-year retention |
| Enterprise | €25+/user/month | Unlimited | Custom SLA, dedicated support, on-premise option |
| Sovereign | Custom | Custom | EU-only infrastructure, zero US cloud, custom instance |

No seat minimums. Pay only for active users.


Data Privacy & Security

Do you store my prompts?

No. Noxys never stores the raw prompt text. Here's what's stored:

| Data | Stored? |
| --- | --- |
| Raw prompt text | ❌ No |
| SHA-256 hash | ✅ Yes |
| PII classifications (type, score) | ✅ Yes |
| Metadata (URL, timestamp, model) | ✅ Yes |
| Your name and email | ✅ Yes |
| Password | ✅ Yes (bcrypt hashed) |

The hash is a one-way fingerprint. You cannot reverse it to get the original text.
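
The record described here and in "How does Noxys work", as an added example (not Noxys code; the field names, sample prompt, model labels and the HMAC variant are assumptions). It shows that the stored record carries no prompt text, and that a plain SHA-256 digest is deterministic: identical prompts are linkable across records, and the digest can be recomputed by anyone who already holds the text, which a keyed digest prevents.

```python
import hashlib
import hmac
import json

def sha256_fingerprint(prompt: str) -> str:
    """Unkeyed SHA-256 of the UTF-8 prompt, as 64 hex characters."""
    return hashlib.sha256(prompt.encode("utf-8")).hexdigest()

def hmac_fingerprint(prompt: str, tenant_key: bytes) -> str:
    """Keyed variant for comparison (an assumption, not described on the page)."""
    return hmac.new(tenant_key, prompt.encode("utf-8"), hashlib.sha256).hexdigest()

def build_record(prompt, url, timestamp, model, classifications,
                 fingerprint=sha256_fingerprint):
    """Digest plus metadata, never the prompt text. Field names are hypothetical."""
    return {
        "prompt_hash": fingerprint(prompt),
        "url": url,
        "timestamp": timestamp,
        "model": model,
        "classifications": classifications,  # PII type and score only
    }

def same_prompt(record_a: dict, record_b: dict) -> bool:
    """Equal digests mean equal prompt text (SHA-256 collisions aside)."""
    return hmac.compare_digest(record_a["prompt_hash"], record_b["prompt_hash"])

# Constructed sample interaction, not real data.
PROMPT = "Please draft a reply to jane.doe@example.com about invoice 1042"
PII = [{"type": "email", "score": 0.99}]
TS = "2026-03-23T09:00:00Z"

def demo() -> dict:
    first = build_record(PROMPT, "https://chatgpt.com/", TS, "model-a", PII)
    repeat = build_record(PROMPT, "https://claude.ai/", TS, "model-b", PII)
    edited = build_record(PROMPT + "!", "https://chatgpt.com/", TS, "model-a", PII)
    keyed = build_record(PROMPT, "https://chatgpt.com/", TS, "model-a", PII,
                         lambda p: hmac_fingerprint(p, b"constructed-tenant-key"))
    return {
        "raw_text_in_record": PROMPT in json.dumps(first),
        "repeat_is_linkable": same_prompt(first, repeat),
        "edit_changes_hash": not same_prompt(first, edited),
        # The unkeyed digest can be recomputed from the text alone;
        # the keyed one cannot without tenant_key.
        "unkeyed_matches_text": first["prompt_hash"] == sha256_fingerprint(PROMPT),
        "keyed_matches_text": keyed["prompt_hash"] == sha256_fingerprint(PROMPT),
    }
```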

Is my data encrypted?

In transit: Yes, TLS 1.3

At rest:

  • Cloud deployments: Yes (the AWS, Azure or GCP default encryption at rest)
  • Self-hosted: Optional (full-disk encryption, pgcrypto)

See Security Guide for details.

Where is my data stored?

Choose your region:

  • Cloud (EU): AWS eu-west-1 (Ireland), Azure westeurope (Netherlands), or GCP europe-west1 (Belgium)
  • Self-hosted: Your own servers/data center (completely isolated)

All options: Zero US cloud, zero Microsoft/Google/AWS US presence.

What happens to my data if I cancel?

After 30 days:

  • Dashboard access revoked
  • Data can be exported as CSV/JSON
  • Data is deleted from our servers after 90 days (configurable)
  • Backups retained per your retention policy (default: 7 days)

You can request immediate deletion anytime.

Is Noxys GDPR compliant?

Yes. Noxys is designed to help you be GDPR compliant:

  • Data minimization (hashes, not raw content)
  • Encryption in transit and at rest
  • Right to erasure (delete all data for a user)
  • Audit trail (all admin actions logged)
  • Data portability (export as JSON)
  • EU data residency option

We are not a GDPR processor by default. To sign a DPA (Data Processing Agreement), contact sales@noxys.eu.

What about HIPAA, PCI-DSS, or SOX?

Not yet. We're focusing on EU AI Act and GDPR compliance first. Contact us if you need specific certifications.


Policies & Enforcement

What does "Block" mean?

When a policy action is "Block":

  • Your message is not sent to the AI
  • You see a red banner: "This message contains sensitive data. Blocked by policy: [policy name]"
  • The action is logged in your audit trail
  • Your admin sees an alert

You must edit or delete the message to proceed.

What does "Coach" mean?

When a policy action is "Coach":

  • Your message is sent (not blocked)
  • You see a yellow banner: "This message contains sensitive data. Review before sending."
  • You can click "Send anyway" or "Cancel and edit"
  • The action is logged

It's a warning, not a hard block.

What does "Log" mean?

When a policy action is "Log":

  • Your message is sent (not blocked or warned)
  • Nothing visible to you
  • The action is logged on the backend
  • Only admins see it in the audit trail

Useful for tracking without disrupting user workflow.

Can I have multiple policies?

Yes. Policies are evaluated in priority order (lower number = first). The first matching policy applies.

Example:

Priority 1: Block all DeepSeek (blocks all interactions on that platform)
Priority 2: Coach on PII on ChatGPT (warns if PII detected)
Priority 3: Log all interactions (records everything)

If you try to use DeepSeek, Priority 1 matches and blocks immediately. Priorities 2 and 3 are skipped.
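
The first-match rule above as an added example (not Noxys code; the Policy class, its condition fields and the platform identifiers are hypothetical, while platform_id and classifications are the interaction fields named under Troubleshooting). It also shows what happens when a policy exists but is not enabled: evaluation falls through to the next match.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Policy:
    priority: int                      # lower number is evaluated first
    name: str
    action: str                        # "block", "coach" or "log"
    platform_id: Optional[str] = None  # None matches every platform
    requires_pii: bool = False         # match only if classifications exist
    enabled: bool = True               # the dashboard "On" switch

    def matches(self, interaction: dict) -> bool:
        if self.platform_id and interaction["platform_id"] != self.platform_id:
            return False
        if self.requires_pii and not interaction["classifications"]:
            return False
        return True

def evaluate(policies, interaction) -> Optional[Policy]:
    """Return the first enabled policy that matches, in priority order."""
    for policy in sorted(policies, key=lambda p: p.priority):
        if policy.enabled and policy.matches(interaction):
            return policy
    return None  # nothing matched

def page_policies(deepseek_block_enabled: bool = True):
    """The three policies from the example above, deliberately out of order."""
    return [
        Policy(3, "Log all interactions", "log"),
        Policy(1, "Block all DeepSeek", "block", platform_id="deepseek",
               enabled=deepseek_block_enabled),
        Policy(2, "Coach on PII on ChatGPT", "coach", platform_id="chatgpt",
               requires_pii=True),
    ]

def action_for(platform_id, classifications, policies=None):
    """Return (priority, action) of the policy that applies, or None."""
    if policies is None:
        policies = page_policies()
    hit = evaluate(policies, {"platform_id": platform_id,
                              "classifications": classifications})
    return (hit.priority, hit.action) if hit else None
```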

Can policies have exceptions?

Not yet, but coming in v0.5:

  • "Block ChatGPT except for IT team"
  • "Block PII except for admins"

For now, create separate policies with different conditions (e.g., one for Finance, one for Engineering).


PII Detection

What kinds of PII does Noxys detect?

Tier 1 (Regex, built-in):

  • Email addresses
  • Phone numbers (intl formats)
  • Credit card numbers (Luhn algorithm)
  • IBAN (bank account numbers)
  • French NIR (social security)
  • French SIRET/SIREN (business IDs)

Tier 2 (Server-side, optional):

  • Person names
  • Medical terms
  • Legal references
  • IP addresses
  • API keys (AWS, Azure, GCP)
  • JWT tokens
  • Financial amounts

Can it detect data in other languages?

Yes. Tier 1 regex works for:

  • Any email (global format)
  • Any phone number (E.164, intl)
  • Any IBAN (global checksum)
  • French NIR specifically

Tier 2 (Mistral 7B model) supports multiple languages but is optimized for English and French.

False positives?

Possible. For example:

  • "I like the IP 192.168.0.1 example" (IP address pattern matches, but it's an example)
  • Email-like text in a song lyric
  • Accidentally formatted numbers

Mitigation:

  • Adjust detection sensitivity (Settings → Classification Sensitivity)
  • Review low-confidence matches (score < 0.7)
  • Exclude specific patterns via allowlist (coming in v0.5)

Can you detect copy-pasted data?

Yes. The extension scans the DOM input field, so copy-pasted text is detected the same as typed text.


Integration & APIs

Can I integrate Noxys with my SIEM?

Yes. Send alerts via webhook to:

  • Splunk
  • Datadog
  • Elastic
  • New Relic
  • Sentry
  • Slack
  • Custom HTTP endpoint

See Webhooks.

Can I use the API?

Yes. Full REST API available at /api/v1/. Endpoints:

  • POST /auth/login — Get JWT token
  • POST /interactions — Send an interaction
  • GET /interactions — List interactions
  • POST /policies — Create policies
  • And many more...

See API Reference for complete docs.

Can I export my data?

Yes, multiple formats:

  • CSV: Interactions, policies, audit log
  • JSON: Full interaction data with all fields
  • NDJSON (newline-delimited JSON): Streaming export for large datasets

Export from Dashboard → [section] → Export.

Do you have an SDK?

Coming in v0.5:

  • Python SDK
  • JavaScript/TypeScript SDK
  • Go SDK
  • Rust SDK

Early adopters can use the REST API directly.


Support & Compliance

What's your support SLA?

| Plan | Response Time | Resolution Time |
| --- | --- | --- |
| Free | 48 hours (email) | Best effort |
| Starter | 24 hours (email) | 72 hours |
| Business | 8 hours (email + Slack) | 24 hours |
| Enterprise | 2 hours (phone + Slack + email) | 8 hours (critical) |

All critical security issues: 2 hours response, 24 hours fix.

How do I report a security issue?

Email security@noxys.eu (monitored 24/7 for critical issues). See Security Guide.

Do not post publicly or in issues.

Is Noxys HIPAA compliant?

Not certified yet, but the architecture supports it (encryption, audit logs, RLS). Contact us if you need HIPAA compliance.

Is Noxys SOC 2 compliant?

SOC 2 Type II audit in progress (target: Q2 2026).

Current controls implemented:

  • ✅ TLS encryption
  • ✅ RBAC and RLS
  • ✅ Audit logging
  • ✅ Vulnerability scanning
  • ⏳ Third-party audit (Q2 2026)

What's your roadmap?

v0.2 (April 2026):

  • IDE plugins (VS Code, Cursor)
  • Tier 3 semantic classification
  • Advanced policy exceptions
  • SAML/OIDC SSO

v0.5 (June 2026):

  • Endpoint agent for local AI tools
  • Python/JS/Go SDKs
  • ClickHouse analytics (sub-second queries)
  • Custom classification models

v1.0 (August 2026):

  • Open-source core engine
  • Multi-region HA Kubernetes
  • EU AI Act compliance dashboard
  • SOC 2 Type II certified

See Architecture for architectural details.


Troubleshooting

Extension shows "Connection Error"

Solution:

  1. Go to extension Settings → Advanced
  2. Verify Backend URL is correct (should be your Noxys instance domain)
  3. Verify API Token is valid (copy from Dashboard → Settings → API Keys)
  4. Click "Test Connection"
  5. If still failing, check your internet connection and backend status

No interactions appearing in dashboard

Solution:

  1. Confirm extension is installed and enabled (check toolbar)
  2. Open ChatGPT / Claude / Gemini (one of the monitored platforms)
  3. Click the extension icon — should show "Connected" (green)
  4. Type something in the AI chat and wait 10 seconds
  5. Refresh the dashboard

If still nothing:

  • Open DevTools (F12) → Console
  • Look for errors related to Noxys
  • Email support@noxys.eu with browser version and error message

Policy not blocking interactions

Solution:

  1. Go to Dashboard → Interactions
  2. Find a recent interaction that should have been blocked
  3. Click to view details (platform_id, risk_score, classifications)
  4. Go to Dashboard → Policies
  5. Click the policy
  6. Review conditions and match them against the interaction's fields
  7. If conditions don't match, edit the policy

Common mistake: Policy is created but not enabled. Toggle the switch to "On".

Can't invite users

Solution:

  1. Check email address is correct (typos prevent delivery)
  2. Check spam/junk folder
  3. If using SSO, user must exist in your Entra ID / LDAP first
  4. Try logging out the inviter and back in (refresh auth state)

More Help


Still have questions? Ask in the forum or contact support@noxys.eu.

Last updated: 2026-03-23