Skip to content
← Blog
Product

Your API Keys, Your Data: How BYOK Changes the AI Security Conversation

Most AI platforms proxy your data through their servers. JieGou's bring-your-own-keys model means your data goes directly to the provider you choose — and nowhere else.

JT
JieGou Team · · 4 min read

The first question any security-conscious team asks about an AI automation platform is: “Where does our data go?”

With most platforms, the answer is complicated. Your data goes to their servers, gets processed, maybe gets logged, then gets forwarded to an AI provider. You’re trusting two companies instead of one, and the platform’s data handling policies become as important as the AI provider’s.

JieGou takes a different approach. We don’t proxy your AI calls. We encrypt your API keys with AES-256-GCM before they touch our database. We don’t see your prompts or response content.

How BYOK works

When you set up JieGou, you connect your own API keys for each AI provider — Anthropic, OpenAI, Google, or any combination. These keys are encrypted at rest using AES-256-GCM and stored in your account’s isolated Firestore namespace. When a recipe runs, the key is decrypted in memory and used to make the API call directly to the provider.

When a recipe runs:

  1. Your input data goes from the browser to our server
  2. Our server constructs the prompt using your recipe template
  3. The API call goes directly to the AI provider using your key
  4. The response comes back through our server to your browser
  5. We record metadata (token counts, timing, status) but not the prompt or response content

Your data flows between you and the AI provider. We’re the orchestration layer, not a data intermediary.

What this means in practice

You control rate limits and spending. Your API key, your provider account, your billing dashboard. If you set a $500/month spending cap with Anthropic, that’s between you and Anthropic. We track usage so you can see costs per recipe and department, but the actual billing relationship is yours.

You control data retention. Each AI provider has its own data retention and training policies. Anthropic’s commercial API doesn’t train on your data. OpenAI’s API has a similar policy. You choose the provider whose policies match your requirements — we don’t add another layer of policies on top.

You can use different providers for different sensitivity levels. Some teams use Claude for customer-facing content (where they want Anthropic’s data policies) and GPT for internal summaries (where speed matters more). Per-step model selection means you can make this choice at the workflow level.

Compliance is simpler. When your compliance team asks “who has access to our data?”, the answer is your AI provider of choice. Not “our AI provider plus this automation platform plus their subprocessors.” One vendor relationship to evaluate instead of two.

What we do store

We’re transparent about what JieGou does keep:

  • Recipe and workflow definitions — Your prompt templates, schemas, and workflow configurations. These are your intellectual property and are stored in your account’s Firestore namespace.
  • Execution metadata — Token counts, timing, model used, success/failure status. This powers the analytics dashboard and cost tracking.
  • Workflow structure — Step configurations, input mappings, and scheduling data.

We do not store the actual content of your prompts after they’re sent, the AI’s responses, or your input data after execution completes.

The trade-off

BYOK means you manage your own API keys and provider relationships. You need an Anthropic account to use Claude, an OpenAI account to use GPT, and a Google Cloud account to use Gemini. This is slightly more setup than platforms that bundle AI access into their pricing.

We think it’s worth it. The security model is cleaner, the cost structure is transparent (you pay provider rates with no markup), and you maintain direct control over your data.

Getting started with BYOK

Setup takes about two minutes per provider:

  1. Create an API key in your provider’s dashboard (Anthropic Console, OpenAI Platform, or Google AI Studio)
  2. Enter the key in JieGou’s setup page
  3. Select which models you want available

You can start with one provider and add others later. Most teams start with Claude or GPT and expand as they discover use cases where a different model fits better.

security byok privacy enterprise

Explore more

⚙️ Enterprise Plan ⚙️ Platform Overview ⚙️ How It Works
Share this article

Related articles

80% of Your Workforce Uses Unapproved AI. Here's What It's Costing You.

Shadow AI isn't hypothetical. 80%+ unapproved usage, 33% sharing proprietary data, $650K+ per breach. The crisis is quantified. Here's how governance prevents it.

412 Policies, Zero Gaps: Enterprise Compliance for AI Automation

How JieGou's compliance framework covers 17 domains with 412 pre-filled policy documents, Terraform-based evaluation scoring, and automated posture assessment — built for regulated industries.

Why Governed State Beats Persistent Memory for Enterprise AI

OpenAI and Amazon announced a Stateful Runtime Environment for Frontier agents. Here's why JieGou's governed state architecture — where every state mutation is visible, auditable, and scoped — is the better approach for enterprise AI.

Enjoyed this post?

Get workflow tips, product updates, and automation guides in your inbox.

No spam. Unsubscribe anytime.

← Back to all posts