Certifications, data-handling commitments, security practices, sub-processors, and how to report a vulnerability — all on one page.
Continuous controls monitoring with an annual Type II report cadence covering security, availability, and confidentiality.
Information security management system mapped to ISO/IEC 27001:2022 controls; full statement of applicability available to enterprise customers under NDA.
Reference architecture designed against FedRAMP HIGH controls — boundary, encryption, audit logging, key management, and personnel screening posture.
Sovereign deployments are scoped against STQC readiness criteria for regulated public-sector use, including air-gap, audit, and key-management controls.
Customer code never enters any training pipeline at any tier. The exclusion is contractual, auditable, and attested per tenant. Our models learn from public security literature, not your repositories.
Prompts, KV caches, and intermediate reasoning traces are scoped to the tenant that initiated them. No cross-tenant prompt reuse, no shared scratch memory, no cache bleed.
Sovereign and Enterprise deployments support customer-controlled key material for envelope encryption, signing, and attestation. We hold envelopes; you hold the master.
Material sub-processor categories are listed below. The full live list — including named vendors, regions, and processing purpose — is provided to enterprise customers under NDA and updated on every material change.
| Category | Processing purpose |
|---|---|
| Cloud compute | Hosting of the managed control plane and reasoning inference (multi-region, customer-region pinned). |
| Object storage | SBOM artefact storage and audit-log archival (tenant-scoped buckets, customer-region pinned). |
| Observability | Application performance monitoring and security telemetry aggregation for the control plane. |
| Transactional email / comms | Account notifications, disclosure correspondence, and product transactional email. |
| Payments | Billing and invoicing for non-sovereign tiers. |
| Customer support | Ticketing, customer-success workflows, and support knowledge base. |
We operate a coordinated-disclosure programme with safe-harbour language for good-faith research. Inbound reports are acknowledged within two business days; remediation timelines are tracked publicly per advisory once a fix is available.
Please include reproduction steps, affected component, and any logs. We will acknowledge within two business days and credit reporters on remediated advisories if you wish.
Enterprise customers get full control documentation, sub-processor lists, pen-test summaries, and SOC 2 reports under NDA. Talk to us.