Trust center
Data handling with clear boundaries
Evidence stays where you want it. NDA-ready. Default is minimal retention. Specific terms defined by written engagement agreement.
Least dataClient-controlled storageMinimal retentionFull traceability
Data residency
Platform infrastructure runs on Neon PostgreSQL (AWS eu-central-1). Evidence files processed in-memory, not persisted beyond the engagement.
- EU-hosted database (Frankfurt)
- No cross-border transfers without agreement
Encryption
All data encrypted at rest (AES-256) and in transit (TLS 1.2+). SHA-256 integrity hashes on every evidence file.
- TLS 1.2+ on all connections
- AES-256 at rest via managed encryption
Incident response
If a data incident occurs, notification within 24 hours with scope, impact, and remediation steps.
- 24-hour notification target
- Post-incident review with root cause
Have specific requirements?
NDA, custom storage, or compliance requirements — we align during scoping.