Data Access & Handling Policy

Akita practices responsible data access and storage. That means Akita does not access or store more data than we need to do our jobs. But we believe it's not enough to just say we practice data access and storage, we need to go further and provide greater transparency. As part of this commitment we have detailed how and why we access, process, transmit, and store the data generated during tests.


The Akita Client monitors raw network traffic between services to generate API specifications. This data is only visible to the Akita Client and never leaves the host. No network traffic is shared; the Akita Cloud only receives the results of the inspection.


The Akita Client processes witnesses locally, on the host, or test worker. The Akita Cloud will then process and analyze the witnesses producing API Specifications and Insights.


All communication between the Akita Client and the Akita Cloud is done over HTTPs with TLS 1.2. Authentication and authorization will be handled by JWT tokens issued from Akita.


All test witnesses and artifacts are stored in the Akita Cloud using on-disk encryption and are only accessed using secure methods and encryption whenever possible. Data deletion or purging of sensitive information is available upon request. Akita provides a 5 business day SLA for all deletion requests.

What’s Next