Enterprise-Grade Security

Trust & Security Center

AIComply is built for enterprise compliance teams who require the highest standards of data protection, security, and regulatory transparency. Here is everything you need for your procurement review.

Security Posture

Encryption at rest
AES-256 - Active
Encryption in transit
TLS 1.3 - Active
Password hashing
bcrypt (12 rounds)
API key storage
SHA-256 hashed
Authentication
MFA-supported - Active
Access control
4-tier RBAC
API rate limiting
1,000 req/hr
Security headers
CSP, HSTS, X-Frame - Active

EU Data Residency

Application hosting
AWS eu-west-1 (Ireland) - EU
Database
Neon PostgreSQL (EU) - EU
File storage
AWS S3 eu-west-1 - EU
AI processing
Anthropic Claude API
AI data retention
Zero retention - Verified
Cross-border transfers
EU SCCs in place
Payment processing
Stripe (PCI DSS L1)
Supervisory authority
Irish DPC

Certifications & Regulatory Compliance

In Progress

Cyber Resilience Act

Reg. (EU) 2024/2847

SBOM maintained, vulnerability disclosure active. CE marking target: Dec 2027.

Planned

ISO/IEC 42001

AI Management System

AI governance framework aligned. Stage 1 audit targeting Q3 2026.

Compliant

GDPR Compliance

Reg. (EU) 2016/679

DPO designated, DPA published, data rights implemented, breach procedures active.

Planned

SOC 2 Type II

AICPA Trust Services

Security, availability, and confidentiality controls under implementation.

Software Bill of Materials
CRA-compliant dependency transparency
Vulnerability Disclosure
Responsible disclosure policy & process
Data Processing Agreement
GDPR-compliant DPA with sub-processors
Terms of Service
Platform usage terms & liability framework

Enterprise Security Inquiries

For security questionnaires, SOC 2 reports, or custom DPA negotiations, contact security@ai-comply.app