← Return to Datacendia
🛡️

Trust Center

Our security posture, deployment options, and compliance roadmap — documented honestly.

✅ Verified Build Status

These metrics are verifiable by running npm test in our repository.

1,464
Automated Tests
100%
Pass Rate
45
AI Council Agents
26
Languages
View Security Test Details
  • Prompt Injection: CendiaGuard™ blocks malicious prompts ✓
  • Jailbreak Attempts: DAN/evil mode attacks refused ✓
  • Data Extraction: System prompt revelation blocked ✓
  • Bias Testing: 11 tests for discrimination, fraud, ethics ✓
  • Air-Gap Verification: 11 tests confirm zero external calls ✓
  • Rubric-Based Consistency: LLM nondeterminism tolerance validated ✓

Last verified: January 3, 2026 · View on GitHub

Deployment Options

Mode Data Location Our Access Setup Time
Private Cloud Your VPC Metadata only Days
On-Premises Your data center None Weeks
Air-Gapped Isolated network None Weeks+

Data Handling

  • Data ingested Read-only from your sources; we don't modify origin systems
  • Data stored Evidence ledger + decision artifacts (encrypted at rest)
  • Data retention Configurable; default 90 days for logs, indefinite for audit ledger
  • Data export Full export available anytime (JSON, PDF, raw artifacts)
  • Training on customer data Never. Your data is not used for model training.

Compliance Roadmap

Last updated: 2026-01-03

SOC 2 Type II
Control mapping complete. Evidence collection in progress.
Target Q2 2026 (as of Jan 2026)
ISO 27001
Gap assessment complete. Implementation roadmap defined.
Target H2 2026 (as of Jan 2026)
GDPR
Data processing controls implemented. DPA available on request.
Aligned
FedRAMP
Architecture designed to FedRAMP Moderate controls.
Control-Ready

Subprocessors

Private Cloud / On-Prem / Air-Gapped: No subprocessors. All processing occurs within your environment.

Distribution vs Data Processing

Datacendia separates software distribution from data processing:

  • Software distribution Available via AWS Marketplace (procurement/delivery channel only)
  • Runtime location Your infrastructure (on-prem, private cloud, or air-gapped)
  • Customer data hosting Never hosted by Datacendia — stays in your environment
  • Air-gapped updates Offline install bundles available; no outbound connectivity required
  • Telemetry / call-home None required; license validation supports offline mode

Retention & Deletion

Retention policies are configurable per deployment. Default settings:

  • Operational logs 90 days default (configurable 30–365 days)
  • Audit ledger (decisions) Immutable by design; retention customer-controlled
  • Evidence packets Retained until customer-initiated purge
  • Personal data separation PII can be purged independently of audit metadata
  • Customer-controlled deletion Full data export + deletion available on request

Note: "Immutable" refers to tamper-evidence (append-only with cryptographic hashing), not inability to delete. Customers can purge data per their retention schedules while maintaining audit integrity hashes.

✍️ CendiaNotary™ — Cryptographic Signing Authority

Every decision, every audit entry, every evidence packet is cryptographically signed with your keys. We never see them. Non-repudiation guaranteed.

AWS KMS
Native integration with AWS Key Management Service
Azure Key Vault
Full support for Azure's managed HSM service
HashiCorp Vault
Enterprise secrets management integration
Local Air-Gapped
File-based keys for fully isolated deployments
What CendiaNotary Signs
  • Decision Packets: Every Council deliberation outcome
  • Audit Ledger Entries: Append-only log with chain integrity
  • Evidence Bundles: Compliance exports for regulators
  • Test Reports: Signed verification of system health

Zero-Trust Principle: Datacendia never has access to your signing keys. All cryptographic operations occur within your infrastructure.

🏛️ CendiaVault™ — Unified Evidence Storage

All decision artifacts, audit trails, and compliance evidence in one searchable, retention-compliant vault. Immutable storage with legal hold support.

📋
Decision Packets
Council deliberation outcomes
📜
Audit Ledger
Immutable action log
📦
Evidence Bundles
Regulator-ready exports
📄
Signed Reports
Test & compliance PDFs
Retention Policies
  • Standard: 7 years (regulatory default)
  • Extended: 10 years (financial services)
  • Permanent: Legal hold / litigation
  • Custom: Per your compliance requirements
Integrity Guarantees
  • SHA-256 content hashing
  • CendiaNotary™ signatures
  • Merkle tree verification
  • Tamper-evident append-only design

Legal Hold: Artifacts can be placed on litigation hold, preventing deletion regardless of retention policy. Release requires explicit authorization.

Shared Responsibility Model

Security responsibilities vary by deployment mode:

Responsibility Air-Gapped / On-Prem Private Cloud (VPC)
Infrastructure security Customer Customer + Cloud Provider
Network security Customer Customer
Identity & access (IAM) Customer Customer
Encryption keys (KMS/HSM) Customer Customer
Application updates Customer (offline bundles) Customer (with Datacendia support)
Application security Datacendia Datacendia
Vulnerability patching Datacendia (provides patches) Datacendia (provides patches)

Vulnerability Disclosure Policy

We appreciate responsible disclosure of security vulnerabilities.

  • Report to security@datacendia.com
  • Acknowledgment Within 48 hours
  • Status updates Regular updates during remediation
  • Safe harbor No legal action for good-faith research

See security.txt for machine-readable disclosure information.

Need to complete a security questionnaire or schedule a security review?

contact@datacendia.com

SYSTEM STATUS: AIR-GAP READY · NO TRACKER PIXELS DETECTED