Security & Compliance

Enterprise-grade security built into every layer. Your data is protected with industry-leading encryption, compliance certifications, and security practices.

SOC 2 Type II

Certification in progress

Expected completion: Q2 2026

GDPR Compliant

Full compliance with EU data protection

HIPAA Ready

Coming Soon - Enterprise plans

Security Features

Encryption

TLS 1.3 in transit

All data encrypted during transmission

AES-256 at rest

Database and storage encryption

Key rotation

Automatic encryption key rotation

API Key Security

Encrypted storage

Your provider API keys are encrypted

Scoped permissions

Fine-grained access control

Key rotation

Easy key rotation without downtime

Privacy & Data Handling

On-premise option

Data never leaves your servers with Docker deployment

Data isolation

Customer data fully isolated per organization

PII redaction

Automatic PII detection and redaction in documents

Infrastructure Security

Cloud infrastructure

Hosted on secure cloud providers

DDoS protection

Enterprise-grade DDoS mitigation

Network isolation

VPC isolation and private networking

Customer-Managed Keys (CMEK)

Enterprise

Bring your own KMS

AWS KMS, Azure Key Vault, or GCP Cloud KMS integration

Full key lifecycle control

Customer controls rotation, revocation, and access policies

Zero-knowledge architecture

DueVault.ai cannot access data if customer revokes key

VPC & Private Connectivity

Enterprise

AWS PrivateLink / Azure Private Endpoint

No data traverses the public internet

VPC peering

Direct peering with your infrastructure for on-premise integrations

IP allowlisting

Restrict access to approved networks and IP ranges only

Enterprise Cloud & Air-Gapped Deployment

Enterprise Cloud

Deploy within your own cloud tenant

For regulated industries requiring complete data sovereignty. All AI processing runs within your Azure or AWS tenant with zero shared infrastructure.

Architecture

Customer Azure/AWS tenant deployment

VPC isolation with no shared resources

Dedicated compute instances

BYO LLM provider support

Security

CMEK via Azure Key Vault / AWS KMS

Private endpoints only, no public internet

Air-gapped operation capable

Annual penetration testing

Compliance

HIPAA BAA included

FedRAMP ready architecture

Custom data residency (EU/US/APAC)

SOC 2 + ISO 27001 audit support

Contact Sales for Enterprise Cloud

Audit & Compliance

Immutable Audit Logs

Blockchain style audit trail for compliance

Every action is logged with cryptographic signatures to ensure tamper proof audit trails.

Cryptographic hashing
Chain verification
Tamper detection
Export capabilities

Compliance Reports

Automated compliance reporting

Generate compliance reports for SOC 2, GDPR, HIPAA, and custom frameworks.

SOC 2 reports
GDPR compliance
HIPAA audit trails
Custom frameworks

Security Practices

Our commitment to security excellence

Development Security

Secure development lifecycle (SDLC)
Code review requirements
Automated security scanning
Dependency vulnerability monitoring
Regular penetration testing

Operational Security

24/7 security monitoring
Incident response plan
Regular security audits
Employee security training
Access control and MFA

Responsible Disclosure

We take security seriously. If you discover a security vulnerability, please report it to us responsibly.

Email: bd@dtrasglobal.com

Response Time: Within 24 hours

Bug Bounty: Coming soon

Ready to secure your compliance?

Talk to our team about how we protect your data at every layer.

Book a Security Briefing

Security Features

Encryption

TLS 1.3 in transit

All data encrypted during transmission

AES-256 at rest

Database and storage encryption

Key rotation

Automatic encryption key rotation

API Key Security

Encrypted storage

Your provider API keys are encrypted

Scoped permissions

Fine-grained access control

Key rotation

Easy key rotation without downtime

Privacy & Data Handling

On-premise option

Data never leaves your servers with Docker deployment

Data isolation

Customer data fully isolated per organization

PII redaction

Automatic PII detection and redaction in documents

Infrastructure Security

Cloud infrastructure

Hosted on secure cloud providers

DDoS protection

Enterprise-grade DDoS mitigation

Network isolation

VPC isolation and private networking

Customer-Managed Keys (CMEK)

Enterprise

Bring your own KMS

AWS KMS, Azure Key Vault, or GCP Cloud KMS integration

Full key lifecycle control

Customer controls rotation, revocation, and access policies

Zero-knowledge architecture

DueVault.ai cannot access data if customer revokes key

VPC & Private Connectivity

Enterprise

AWS PrivateLink / Azure Private Endpoint

No data traverses the public internet

VPC peering

Direct peering with your infrastructure for on-premise integrations

IP allowlisting

Restrict access to approved networks and IP ranges only

Enterprise Cloud & Air-Gapped Deployment

Enterprise Cloud

Deploy within your own cloud tenant

For regulated industries requiring complete data sovereignty. All AI processing runs within your Azure or AWS tenant with zero shared infrastructure.

Architecture

Customer Azure/AWS tenant deployment

VPC isolation with no shared resources

Dedicated compute instances

BYO LLM provider support

Security

CMEK via Azure Key Vault / AWS KMS

Private endpoints only, no public internet

Air-gapped operation capable

Annual penetration testing

Compliance

HIPAA BAA included

FedRAMP ready architecture

Custom data residency (EU/US/APAC)

SOC 2 + ISO 27001 audit support

Contact Sales for Enterprise Cloud

Audit & Compliance

Immutable Audit Logs

Blockchain style audit trail for compliance

Every action is logged with cryptographic signatures to ensure tamper proof audit trails.

Cryptographic hashing
Chain verification
Tamper detection
Export capabilities

Compliance Reports

Automated compliance reporting

Generate compliance reports for SOC 2, GDPR, HIPAA, and custom frameworks.

SOC 2 reports
GDPR compliance
HIPAA audit trails
Custom frameworks

Security Practices

Our commitment to security excellence

Development Security

Secure development lifecycle (SDLC)
Code review requirements
Automated security scanning
Dependency vulnerability monitoring
Regular penetration testing

Operational Security

24/7 security monitoring
Incident response plan
Regular security audits
Employee security training
Access control and MFA