Trust Center

Everything your review team needs, in one place.

Cortex is the operating system for governed AI agents — so trust is the product, not a page. Here is exactly how we secure your data, which subprocessors we use, the SLAs we commit to, where your data can live, and the frameworks we align to. Every run is recorded in a tamper-evident Trust Ledger your auditors can verify offline.

Aligned with EU AI Act · NIST AI RMF · ISO 42001 · last updated June 29, 2026

audit/verify
#101hash ✓#102hash ✓#103hash ✓#104hash ✓#105hash ✓
head 0x9f3a…c1ok: true
verifyChain ▸ chained SHA-256 · signed receipts
Compliance alignment

Mapped to the frameworks your auditors already use.

Cortex is built for and aligned with the controls below, with one-click evidence export through Compliance Packs. We say aligned with, never certified — certifications are pursued, not claimed.

SOC 2ISO 27001ISO 42001HIPAAGDPREU AI ActNIST AI RMFFINRA

aligned with · not certified — request our control mappings under NDA

Data handling

How your data is protected, isolated, and retired.

Encryption in transit and at rest, strict per-tenant isolation, and retention you control — the defaults a regulated buyer expects, enforced by the runtime rather than by policy alone.

Encryption at rest

Stored data and secrets are encrypted at rest with AES-256; provider keys and connector vault secrets are sealed and fail closed without a configured encryption key — no run starts on a missing key.

Encryption in transit

All traffic runs over TLS 1.2+. Session cookies are marked Secure in production, and internal service calls are authenticated so the audit and event write paths cannot be forged.

Tenant isolation

Every tenant-owned resource is keyed and queried on (tenantId, id). The gateway pins the trusted tenant from the API key and overwrites any caller-supplied identity — one tenant can never reach another's data.

Retention & deletion

You set retention windows per data class; on contract end we delete or return your data on request. The Trust Ledger keeps tamper-evident proof of every deletion event.

Provable, not promised

Every access and deletion lands in a ledger you can verify offline.

Cortex records every gate decision and data event in a hash-chained Trust Ledger with signed receipts. verifyChain detects any insert, edit, delete, or reorder and returns the broken sequence — so your auditors can confirm integrity themselves, without trusting us.

  • Chained SHA-256 audit — verifyChain returns { ok, brokenAtSeq, head }
  • Tampering surfaces as hashOk:false at the exact broken block
  • Signed outcome receipts verify offline, with no call back to Cortex
  • 10-hop provenance from human to outcome on every action
audit/verify
#101hash ✓#102hash ✓#103hash ✓#104hash ✓#105hash ✓
head 0x9f3a…c1ok: true
verifyChain ▸ chained SHA-256 · signed receipts
Subprocessors

Who else touches your data — and why.

We keep the list short and the purposes narrow. Model providers are reachable only through the policy- and quota-governed Router, and on air-gapped deployments every external provider can be removed entirely in favor of local models.

SubprocessorPurposeData processedRegion
Cloud infrastructure (GCP)Compute, storage, managed PostgresAll tenant data (encrypted)Customer-selected
AnthropicLLM inference via the RouterPrompt + context at run timeUS / EU
Google (Gemini)LLM inference via the RouterPrompt + context at run timeUS / EU
OpenAIOptional LLM inference via the RouterPrompt + context at run timeUS
Object storage / CDNArtifact + asset deliveryGenerated artifacts (encrypted)Customer-selected
Error & ops telemetryReliability monitoringOperational metadata (no payloads)US / EU
register ▸ updated June 29, 2026 · 30-day notice before any new subprocessor goes live
30-day notice on new subprocessorsLocal models route through the compute brokerAir-gapped: zero external providers
SLAs & uptime

Commitments you can hold us to.

Availability targets, support response times, and recovery objectives scale with your plan, backed by service credits when we miss. Status and incident history are published to a live status page.

Scale SLA
99.9%monthly uptime target
Support response1 business hour (P1)
Recovery objectiveRTO 4h · RPO 1h
Service creditsOn missed target
Enterprise SLA24×7
99.95%monthly uptime target
Support response30 min (P1) · 24×7
Recovery objectiveRTO 1h · RPO 15m
Service creditsOn missed target
Live status pagePublished incident historySubscribe to maintenance notices
Data residency

Run Cortex where your data has to live.

From fully managed cloud to a single-tenant VPC in your region to a fully air-gapped install — the same governed runtime, the same gates, wherever your residency and sovereignty rules require.

Multi-tenant cloud

Fully managed SaaS with per-tenant logical isolation — every resource keyed and queried on (tenantId, id), the tenant pinned from the API key.

fastest start · managed updates

Single-tenant VPC

Dedicated deployment inside your cloud account or region. Data never leaves your perimeter; you control residency, keys, and network policy.

your cloud · your region

Air-gapped / on-prem

Run the full runtime with local models via the compute broker — no outbound provider calls. Signed Solution Packs install offline and verify by hash.

byo-model · residency-locked
Security & compliance

Built for the enterprise security review.

Fail-closed gates, scoped RBAC, DLP, detection & response, and multi-tenant isolation — mapped to the frameworks your auditors already use. Aligned with, not certified.

SOC 2ISO 27001ISO 42001HIPAAGDPREU AI ActNIST AI RMFFINRA
Documents & evidence

Take the proof to your review team.

The whitepaper, control mappings, and current subprocessor register — everything your procurement and security reviewers ask for.

Security whitepaper

Architecture, the eight governance gates, encryption, isolation, and detection & response — the full posture in one PDF.

Control mappings

How Cortex controls map to SOC 2, ISO 27001/42001, the EU AI Act, and NIST AI RMF — available under NDA.

Subprocessor register

The current list above, with 30 days' notice before any new subprocessor processes your data.

trust-center ▸ last updated June 29, 2026

Pass the security review with proof, not promises.

Encryption, isolation, named subprocessors, real SLAs, flexible residency, and a ledger your auditors can verify — ready before you deploy.