Your data stays yours. Built in from the first line.
“Handing AI your company’s data is the part that should worry you most. So it is the first thing we design, not the last thing we bolt on.”
Teddy James — Founder, Tercero Analytics
We are GDPR compliant today, our SOC 2 certification is in progress with an independent auditor, and here is exactly how it works.
An invested commitment to the highest security standards available.
-
Hosted in your own cloud
Your data and the system live in your environment, in the UK or a GDPR region you choose. On AWS Bedrock, London region by default, so your prompt and response data never leave that environment.
-
Never co-mingled
Your data is stored completely separately, never mixed with another client's or with our own market-intelligence layer. If we ever bring market data to you, it is a point-in-time snapshot, not shared access to a common store.
-
Never used to train a model
Routed through AWS Bedrock enterprise terms, your content is not used to improve any base model and is not shared with model providers. The model layer is swappable without changing this posture.
-
Encrypted, least-privilege, logged
Encrypted at rest and in transit. Access to your sources is read-only, signed-token and logged, role-based and least-privilege from day one. No one can quietly alter your source documents.
-
A clean, portable exit
Deletion and portability are written into the scope of work. A clean 30-day exit, with the data layer left in the environment you prefer. You keep everything.
-
Compliant, and certifying
We meet UK GDPR obligations today. Our SOC 2 certification is in progress with an independent auditor, with continuous control monitoring. A Type I report is in preparation, with a Type II window to follow. We will share the trust report openly.
Send us your security questions.
Your IT or compliance team will have a list. Send it over. We will answer in plain English and share our security one-pager.
No forms, no funnel. Your email lands with a founder.