Security and Compliance
Code ownership, IP transfer, NDAs, and security review are built into every engagement. We operate within your security perimeter, never use your data to train models, and transfer full IP ownership as standard.
100%
IP transfer on every engagement
24hr
NDA execution time
5 days
Vendor onboarding completion
What we commit to
Seven pillars of trust
SOC2 Compliance
- SOC2 Type I audit currently in progress across security, availability, and confidentiality trust service criteria
- Controls cover: access management, encryption at rest and in transit, incident response, vendor risk, change management, and employee security training
- SOC2 report shared with prospective clients under NDA once audit is complete
Data Handling Policy
- Client data is never used to train third-party models
- We operate within your cloud environment and security perimeter
- PII detection and redaction before any LLM processing
- Data retention policies agreed per engagement and enforced automatically
IP and Code Ownership
- Full IP transfer on every engagement. Code is yours from day one.
- No license lock-in, no vendor dependency, no proprietary frameworks
- Open-source tools and standard infrastructure so your team owns everything
- IP assignment clauses standard in our contracts
NDA Standards
- Mutual NDAs signed before first technical conversation
- Covers: project details, architecture, business strategy, client data, proprietary processes
- Client-provided NDAs accommodated. Execution within 24 hours.
GDPR Readiness
- Systems comply with GDPR for clients with EU operations or customers
- Consent management, DSAR handling, right to erasure, data minimisation
- Privacy-by-design architecture on all new builds
Penetration Testing
- Security reviews on all production deployments
- Third-party pen testing supported with remediation within agreed SLAs
- OWASP Top 10, dependency scanning in CI/CD, prompt injection testing
Vendor Onboarding
- Pre-filled security questionnaires, architecture diagrams, AI risk registers
- Data flow documentation, insurance certificates, team background verification
- Average vendor onboarding: 5 business days
SOC2
Type I In Progress
Security, Availability, Confidentiality
24hr
NDA Execution
Signed before first technical conversation
5 days
Vendor Onboarding
Security questionnaire to approval
Pre-filled Vendor Security Questionnaire
Save your procurement team hours. Download our pre-filled security questionnaire covering infrastructure, data handling, access controls, incident response, and compliance posture.
Download PDFNeed more detail?
Request our full security deck, architecture documentation, or schedule a call with our engineering team to discuss your specific compliance requirements.
