Security & Compliance — TrustedAIGov

Security

How we protect your data

Enterprise-grade controls across data, encryption, access, isolation and evidence — one consistent standard.

🔐

Data protection

UK GDPR aligned
DPA available on request
Documented retention periods

🌍

Data residency

Configurable region
Know where your data lives
Kept within agreed boundaries

🔒

Encryption

TLS in transit
Encrypted at rest
Protected on underlying storage

👥

Access & identity

Role-based access control
SSO / SAML on Enterprise
Least-privilege by default

🧱

Tenant isolation

Multi-tenant architecture
Per-tenant logical isolation
No cross-tenant access

🧾

Evidence integrity

Tamper-evident ledger
Cryptographic hashing
Immutable audit log

Certifications & alignment

We are precise about what is certified versus what we are aligned to, designed for, or building toward.

Cyber Essentials — Certified ISO/IEC 42001 — Aligned EU AI Act — Designed for NIST AI RMF — Aligned SOC 2 — On our roadmap ISO/IEC 27001 — On our roadmap

Only Cyber Essentials is certified. SOC 2 and ISO/IEC 27001 are on our roadmap and are not claimed as achieved.

Documentation on request

Evaluating us? We share the documents your security team expects to see.

📄

Data Processing Agreement

A signable DPA for enterprises that require a processing agreement before onboarding.

🔗

Sub-processor list

An up-to-date list of the sub-processors we rely on to deliver the platform.

🛡️

Security overview

A security overview describing our controls, available to evaluating enterprises on request.

Talk to TAI → Contact Sales

Ready to put it through review?

Bring your security and compliance teams. We will share the documentation and answer the hard questions.

Talk to TAI → Contact Sales