Evidence verification
Portable evidence packages and current verifier CLIs check manifests, signatures, record commitments, and event continuity for implemented package types.
Trust center
This page intentionally separates designed controls, implemented controls, operating controls, internal testing, independent assessment, and certification or attestation. Unsupported compliance or uptime claims are not displayed.
Portable evidence packages and current verifier CLIs check manifests, signatures, record commitments, and event continuity for implemented package types.
Tenant-owned records carry explicit organization ownership. Database-enforced isolation and row-level security remain part of the migration plan.
Status JSON is generated from local health components and avoids unsupported green-banner status claims.
A managed provider interface is documented for production KMS/HSM use. File-backed providers are treated as development-compatible only.
Data inventory, retention, legal hold, and deletion workflows are documented for implementation and operational review.
No SOC 2, HIPAA, SLA, legal admissibility, or certification claim is made here without implementation evidence and business approval.