Audit & assurance
The evidence that closes procurement
Where to find our SOC 2, penetration tests, sub-processor list, and DPAs. Everything your procurement, legal, and audit teams need, in one place.
The documents that close procurement.
Each artefact available on request or via direct link. Enterprise customers receive a named account contact for expedited delivery.
SOC 2 Type II
Available under NDA on request. Email us with your company name and we will provide the report and supporting bridge letter.
Penetration test summary
Annual third-party penetration test executive summary available on request. Full report available under NDA for enterprise prospects.
Sub-processor list
The complete list of third-party sub-processors with data-residency notes and a 30-day change-notice commitment. Updated whenever the list changes.
DPA template
Our standard Data Processing Addendum is available on request. Enterprise customers with an Order Form may request a countersigned version.
Security overview
Dual hash-chained ledger, External Auditor Seats, RBAC (7 roles), encryption at rest and in transit, responsible-disclosure programme - all on one page.
Evidence you can verify - not just claims you have to trust.
Platform-level assurance
- Dual hash-chained ledger - platform event log + blockchain-anchored test results
- External Auditor Seats with cryptographic seal + RFC3161 timestamps + probe manifest
- EvidenceExtractionAgent: upload SOC2 / DPIAs / model cards, get byte-verified attestations
- Editable judge prompts - every change anchored to the blockchain, full provenance
Operational security
- Encryption at rest (Fernet + KMS) and in transit (TLS 1.3)
- RBAC - 7 roles: super_admin, admin, tester, viewer, auditor, compliance, external_auditor
- Multi-tenant workspace isolation - tenant column on every entity
- Per-severity SLAs: Critical 4h · High 24h · Medium 7d · Low 30d
- Annual third-party penetration test
Trust layer for enterprise AI