Trust center

Supportable trust information only.

This page intentionally separates designed controls, implemented controls, operating controls, internal testing, independent assessment, and certification or attestation. Unsupported compliance or uptime claims are not displayed.

Implemented

Evidence verification

Portable evidence packages and current verifier CLIs check manifests, signatures, record commitments, and event continuity for implemented package types.

Designed

Tenant isolation

Tenant-owned records carry explicit organization ownership. Database-enforced isolation and row-level security remain part of the migration plan.

Implemented

Status source

Status JSON is generated from local health components and avoids unsupported green-banner status claims.

Designed

Key management

A managed provider interface is documented for production KMS/HSM use. File-backed providers are treated as development-compatible only.

Designed

Privacy and retention

Data inventory, retention, legal hold, and deletion workflows are documented for implementation and operational review.

Not claimed

Compliance

No SOC 2, HIPAA, SLA, legal admissibility, or certification claim is made here without implementation evidence and business approval.