When BioMedware generates a license, user attributes (such as your email address or company name) are embedded into the corresponding license key metadata. At Vesta startup, the license key is validated to confirm it has the expected format, is cryptographically signed with a BioMedware signature, and can be properly decoded. If any of these checks fail, or if tampering is detected, Vesta falls back to a secure default state.

Vesta performs license validation for single-user license holders every 7 days through our third-party license provider, Keygen. This validation requires an internet connection, though a 3-day grace period is in place for users without immediate access. A machine fingerprint is used during this process to tie your license to your device. Only this encoded fingerprint is stored by Keygen, not raw system information. The number of machines permitted per license is managed through Keygen and may vary by license type; contact support@biomedware.com for details on your specific license terms.

Summary: Vesta licenses are cryptographically signed and validated regularly, with secure machine fingerprinting and tamper detection built in.

All data you import into Vesta is processed and analyzed locally on your machine. Vesta does not transmit your raw data values to any external server or cloud service. Any data saved to Vesta project files (.gmd) or exported via reports and visualizations is stored only on your local drive and is never retained outside of your session.

Vesta stores application and project data using isolated storage containers with JSON serialization on the desktop, with atomic file operations to prevent corruption during reads and writes. Cached data is stored in your system’s local application data directory with proper permissions, and separate data sources use isolated cache directories so your datasets are never mixed. That said, Vesta project files are stored locally without application-level encryption — data-at-rest protection depends on your machine’s own security measures, such as disk encryption and user access controls. If you work with sensitive data, we recommend ensuring your operating system’s security features are appropriately configured.

Summary: Vesta does not send, store, or remotely save any data you import — your analysis data remains entirely on your machine.

Vesta includes an optional LLM Advisor that allows you to ask questions and request guidance related to spatial data analysis, visualization, and exploration within the software. This feature communicates with an external AI service over an encrypted HTTPS connection.

Authentication for the Advisor uses Auth0, an industry-standard OAuth 2.0 / OpenID Connect provider, with PKCE (Proof Key for Code Exchange) to secure the authorization flow. Session tokens are managed using JWTs (JSON Web Tokens) with automatic refresh and secure local storage. API keys used by the Advisor are stored securely on your machine and are never logged or exposed.

What the Advisor sends

The Advisor does not transmit your raw data values (the actual numbers, measurements, or records in your dataset). However, to provide relevant, context-aware responses, each Advisor request includes the following metadata:

• Dataset names and observation/object counts
• Variable names (both numeric and categorical)
• Grid details (grid name, dimensions, and cell size)
• Prediction model names
• Open workspace names and visualization slot contents
• Your Windows username (passed via a proxy header for session identification)

This means that if your dataset names, variable names, or column headers contain sensitive information — such as protected health information (PHI), personally identifiable information (PII), or proprietary terminology — that information will be transmitted to the external AI service as part of the Advisor request.

Recommendations for sensitive environments

If your data governance policies are strict about metadata exposure, we recommend:

• Avoid embedding sensitive information in dataset names, variable names, or column headers (e.g., use “var_01” rather than a name that includes patient identifiers or proprietary project names).
• Be aware that your Windows username is transmitted with each Advisor request. If your Windows username contains identifying information, consider this when deciding whether to use the Advisor.
• The Advisor is entirely optional. If your organization’s policies restrict the transmission of any metadata to external cloud services, you can simply not use the feature. Vesta will continue to function with full analytical capability offline.

Summary: The LLM Advisor is an optional feature that uses a secure, authenticated connection. It does not transmit your raw data values, but it does send dataset metadata to provide context for AI responses.

Vesta uses third-party software libraries for generating maps and charts. When creating Map visualizations, map tiles are provided by MapTiler and rendered using the ThinkGeo library to display a background base map. Base maps are received and displayed only — Vesta does not send your data or any user feedback to ThinkGeo or MapTiler.

However, users should be aware that tile requests to MapTiler do inherently reveal the general geographic area you are viewing, since the map service must know which tiles to deliver. No attribute data, variable values, or metadata from your dataset is included in these requests. If you are working with sensitive or individually identifiable location data, we recommend using ID proxies or anonymized geographic identifiers. The map querying function in Vesta also displays metadata for each geographic object when hovering, but this metadata is processed entirely locally and is never shared externally.

For charting visualizations, Vesta uses SciChart libraries. All chart data is processed and rendered within Vesta on your machine, and there is no communication with external servers for SciChart functionality. All third-party dependencies undergo regular security scanning to identify and address potential vulnerabilities.

Summary: Third-party libraries used for maps and charts do not have access to your imported data, and Vesta does not send user data or feedback to these services.

When a new version of Vesta is released, licensed users are prompted to update the software at launch. Updates are delivered over an encrypted HTTPS connection and are cryptographically signed to ensure their authenticity and integrity — your machine verifies the signature before applying any update, preventing tampered software from being installed.

The update process transmits only the information necessary to check for and download the new version. No user data or analysis files are included. If your environment requires advance notice before software changes, or if you operate behind a restrictive firewall, please contact support@biomedware.com to discuss your update requirements.

Summary: Vesta updates automatically with cryptographically verified downloads, ensuring you always have the latest features and security patches.

In addition to single-user licenses, Vesta offers multi-user (floating) license options for lab or shared-use settings. In these environments, Vesta maintains complete isolation between user accounts. Your data, projects, and session information are segregated from other users on the same system, and access attempts are securely logged.

No user data is ever mixed with or exposed to other users, regardless of the licensing arrangement. Each user maintains full control over their own imported data, saved projects, and exported outputs. For organizations with specific access-control requirements, please contact sales@biomedware.com to discuss configuration options.

Summary: In shared environments, user sessions are fully isolated — one user’s data is never accessible to another.

Is Vesta HIPAA-compliant?

Vesta is a desktop application that performs all data analysis locally on your machine. It does not transmit your raw data values to external servers. However, if you use the optional LLM Advisor, dataset metadata — including dataset names, variable names, workspace state, and your Windows username — is sent to an external AI service (see the LLM Advisor section above for the complete list). If your dataset names or variable names contain PHI, this metadata transmission may have HIPAA implications. Because Vesta does not function as a cloud service or data processor, overall HIPAA compliance responsibility rests with your institution’s existing security infrastructure — including disk encryption, access controls, and network policies on the machines where Vesta is installed.

Does Vesta collect telemetry or usage data?

No. Vesta does not automatically collect or transmit telemetry, usage analytics, or diagnostic data. The only outbound connections Vesta makes are for license validation (every 7 days via Keygen), map tile retrieval (via MapTiler, when creating Map visualizations), software update checks, and optionally, the LLM Advisor.

What should I do if I work with sensitive or individually identifiable data?

We recommend the following best practices:

• Avoid placing sensitive information in dataset names, variable names, or column headers, especially if you plan to use the LLM Advisor. Use generic or coded identifiers instead.
• Enable full-disk encryption on your machine and restrict user access to the Vesta installation.
• Use ID proxies or anonymized geographic identifiers when working with individually identifiable location data, particularly for Map visualizations.
• If your data governance policy restricts external network connections, you can operate Vesta fully offline (license validation allows a 3-day grace period, and the LLM Advisor is optional).
• Review your organization’s IRB or data use agreement requirements and confirm that local desktop analysis is within scope.

What outbound network connections does Vesta make?

Can I run Vesta in an air-gapped or restricted network environment?

Yes. Vesta’s core analytical functionality works entirely offline. License validation includes a 3-day grace period for environments without regular internet access. Map visualizations will require network access for tile retrieval, but all other features — data import, statistical analysis, charting, and project management — operate without any external connection.

Summary: Vesta is designed with data minimization and local processing to support your organization’s compliance requirements.

Vesta applies multiple layers of security throughout the application. All imported files undergo strict format validation, and user inputs are sanitized and type-checked before processing. JSON data is deserialized using custom converters with schema validation to prevent injection attacks. Error messages are designed to be informative without exposing sensitive system information, and the application degrades gracefully when individual components encounter failures.

On the development side, BioMedware follows secure coding practices including static code analysis, regular security scanning of third-party dependencies, and isolated testing environments that use mock data rather than real user information. All configuration data containing sensitive settings is encrypted at rest, and development, testing, and production environments are clearly separated.

Summary: Vesta is built with defense-in-depth security practices across input validation, memory management, error handling, and development processes.