Security

Built for
regulated industries.

Every layer designed with data minimisation, auditability, and compliance in mind.

Data Protection
Minimum data collection with purpose-limitation built into the API schema.
  • TLS 1.3 in transit
  • AES-256 at rest
  • MSISDN pseudonymisation
  • 30-day log retention max
  • Right to erasure supported
Model Governance
Every Claude AI call includes full reasoning logs. Decisions are immutably auditable.
  • Immutable decision audit trail
  • Human override workflow
  • Model version pinning
  • Bias testing quarterly
Infrastructure Controls
On-premise deployment keeps data within your perimeter.
  • On-premise deployment option
  • VPC isolation support
  • mTLS service-to-service
  • Zero external ML dependency (core)
Audit & Compliance
Structured JSON audit logs for every AI decision. Built for regulator review.
  • GDPR article 22 compliant
  • NDPR (Nigeria) aligned
  • SOC 2 Type II (enterprise)
  • Webhook-based SIEM integration