TRUST · A POSTURE BEFORE A CHECKLIST

Auditability as the price of discernment.

For a human to elevate a brand, every insight must trace back to its source. That is the posture. The compliance follows.

I · DEFENSE IN DEPTH

Defense in depth, before any single perimeter.

  • EU sovereignty by default · Always-on

    AWS eu-west-3 (Paris) is the primary residency. No cross-region replication outside the EU. Customer-specific residency commitments can be enforced via IAM service control policies (SCPs) on request.

  • ISO 27001 ISMS · Operational, certification target Q3 2026

    30+ Annex A controls live in production: KMS encryption, least-privilege IAM, immutable audit trail, secrets in SSM, branch protection, GitOps-only changes. PSI, PAS, PRA and the security policy are on a documented annual review cadence, with a mandatory review after any incident. Statement of Applicability and SOC 2 attestation timeline available under NDA.

  • Network isolation · Always-on

    VPC-private compute, least-privilege IAM, encryption at rest (AWS KMS) and in transit (TLS 1.2 minimum platform-wide, TLS 1.3 by default at the edge).

  • Penetration testing · Quarterly

    Independent third-party tests, with remediation tracked per CVSS severity.

II · TENANT BY DESIGN

Tenant isolation lives in the data model, before any feature flag.

  • GDPR by design · Architectural

    Every record carries an organization identifier from ingestion. Tenant isolation lives in the data model, not in the application layer (cf. Constitution Article VI).

  • Data residency · EU-only

    eu-west-3 (Paris) for primary workloads. No cross-region replication outside the EU. Customer-specific residency available on request.

  • Subject access requests · Automated

    Per-record lineage retrieval responds to access, rectification, and erasure requests within statutory timelines.

III · AI · CRAFT, NOT MAGIC

Powerful AI earns its place by being auditable.

  • Article 50 transparency · Shipped

    Every AI-generated insight carries an AiBadge disclosure stating method, model, source, and generation date, visible to the end user.

  • EU AI Act readiness · August 2, 2026

    Public commitment. Risk classification, post-market monitoring, technical documentation, and the conformity assessment process are all on our roadmap.

  • Provider model versioning · Preserved

    Foundation model identifiers (e.g. anthropic.claude-opus-4-7) are persisted with every inference output in canonical fields, so the exact model version behind any output can be identified and the inference re-run against it.

  • Right to human review · Architectural

    Agents propose; humans decide. Constitution Article VII (Observability built-in) makes this enforceable, not aspirational.

IV · LINEAGE

The trail is the proof.

  • End-to-end lineage · Architectural

    Every transformation is traceable from a Bronze record to its Silver canonical form to its Gold insight. The lineage column is not optional.

  • Change management · GitOps only

    Every infrastructure or code change goes through a pull request with CODEOWNERS approval. No manual override (Constitution Article V).

  • Retention · Per-tenant

    Configurable retention windows per organization, with defaults aligned to GDPR Article 5(1)(e) (storage limitation).

  • Right to be forgotten · Cascade

    Record-level deletion propagates Bronze → Silver → Gold and on to downstream OpenSearch indices, with a documented timeline.
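
The data-model rules stated in II (organization identifier fixed at ingestion, every read scoped to a tenant) and IV (Bronze → Silver → Gold lineage, erasure that cascades along it) in one runnable illustration. This is an added example, not the platform's own code: the in-memory LineageStore, the Record fields, the search_index dict standing in for the OpenSearch index, and the sample payloads are all assumptions made for the example.

```python
"""Tenant-scoped Bronze/Silver/Gold store with lineage-driven erasure.
Added illustration: LineageStore, Record and the in-memory search_index
(standing in for OpenSearch) are assumptions, not the platform's code."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

LAYERS = ("bronze", "silver", "gold")


class TenantIsolationError(Exception):
    """Raised when a caller tries to touch another organization's data."""


@dataclass(frozen=True)
class Record:
    record_id: str
    organization_id: str            # assigned at ingestion, never empty, never rewritten
    layer: str                      # one of LAYERS
    payload: str
    parent_id: Optional[str]        # lineage pointer to the record this one was derived from
    model_id: Optional[str] = None  # gold only: the foundation model that produced the insight


class LineageStore:
    def __init__(self) -> None:
        self.records: Dict[str, Record] = {}
        self.search_index: Dict[str, Set[str]] = {}  # org -> record ids (stand-in for OpenSearch)

    def _put(self, rec: Record) -> Record:
        if rec.record_id in self.records:
            raise KeyError(f"duplicate record_id {rec.record_id}")
        self.records[rec.record_id] = rec
        self.search_index.setdefault(rec.organization_id, set()).add(rec.record_id)
        return rec

    def ingest(self, record_id: str, organization_id: str, payload: str) -> Record:
        """Bronze: the organization identifier is mandatory at the point of ingestion."""
        if not organization_id:
            raise ValueError("organization_id is required at ingestion")
        return self._put(Record(record_id, organization_id, "bronze", payload, None))

    def derive(self, record_id: str, parent_id: str, layer: str,
               payload: str, model_id: Optional[str] = None) -> Record:
        """Silver/Gold: the tenant is inherited through lineage, never supplied by the caller."""
        parent = self.records[parent_id]
        if LAYERS.index(layer) != LAYERS.index(parent.layer) + 1:
            raise ValueError(f"{parent.layer} cannot feed {layer} directly")
        if layer == "gold" and not model_id:
            raise ValueError("a gold insight must record the model that produced it")
        return self._put(Record(record_id, parent.organization_id, layer, payload, parent_id, model_id))

    def query(self, organization_id: str, layer: str) -> List[Record]:
        """Every read is tenant-scoped; there is deliberately no unscoped variant."""
        return [r for r in self.records.values()
                if r.organization_id == organization_id and r.layer == layer]

    def lineage(self, organization_id: str, record_id: str) -> List[Record]:
        """Walk Gold -> Silver -> Bronze, e.g. to answer a subject access request."""
        cur = self.records.get(record_id)
        if cur is not None and cur.organization_id != organization_id:
            raise TenantIsolationError(record_id)
        chain: List[Record] = []
        while cur is not None:
            chain.append(cur)
            cur = self.records.get(cur.parent_id) if cur.parent_id else None
        return chain

    def erase(self, organization_id: str, record_id: str) -> List[str]:
        """Right-to-be-forgotten cascade: the record and every descendant
        (Bronze -> Silver -> Gold) leave both storage and the index."""
        rec = self.records.get(record_id)
        if rec is None:
            return []
        if rec.organization_id != organization_id:
            raise TenantIsolationError(record_id)
        doomed, frontier = [record_id], [record_id]
        while frontier:  # breadth-first over the lineage graph
            pid = frontier.pop()
            children = [r.record_id for r in self.records.values() if r.parent_id == pid]
            doomed.extend(children)
            frontier.extend(children)
        for rid in doomed:
            del self.records[rid]
            self.search_index[organization_id].discard(rid)
        return doomed


def demo() -> dict:
    """Two tenants, one erasure. All sample data is constructed for the example."""
    s = LineageStore()
    s.ingest("b1", "org-a", "verbatim: 'the packaging feels premium'")
    s.derive("s1", "b1", "silver", "canonical: sentiment=positive, theme=packaging")
    s.derive("g1", "s1", "gold", "insight: packaging drives perceived quality",
             model_id="anthropic.claude-opus-4-7")
    s.ingest("b2", "org-b", "verbatim: 'delivery was late'")
    s.derive("s2", "b2", "silver", "canonical: sentiment=negative, theme=delivery")
    chain = [r.layer for r in s.lineage("org-a", "g1")]
    cross_tenant_blocked = False
    try:
        s.erase("org-b", "b1")          # org-b must not be able to erase org-a's record
    except TenantIsolationError:
        cross_tenant_blocked = True
    erased = s.erase("org-a", "b1")     # takes s1 and g1 with it
    return {"chain": chain, "erased": sorted(erased), "cross_tenant_blocked": cross_tenant_blocked,
            "org_a_left": len(s.search_index["org-a"]), "org_b_left": len(s.search_index["org-b"])}
```

The point to notice is where the tenant check sits: `organization_id` is a constructor argument only at ingestion, every derived record inherits it through its lineage pointer, and both reads and erasures take the tenant as a parameter and refuse mismatches, so there is no code path through which an application-layer bug could address another organization's records.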

TRUST CENTER · FACTUAL

What we run, where, with what controls.

Public reference for security questionnaires (CAIQ Lite, SIG Lite, vendor reviews). For deeper detail or contract artefacts, see the requestable documents below.

Hosting & isolation

AWS eu-west-3 (Paris). Three accounts: nonprod, prod, management — strict cross-account boundaries via IAM assume-role + CODEOWNERS-gated trust policies. No cross-region replication outside EU.

Encryption

At rest: S3 SSE-KMS (customer-managed CMKs per tenant), OpenSearch domain encrypted at rest, S3 Tables (Iceberg) KMS-encrypted. In transit: TLS 1.2+ enforced platform-wide, TLS 1.3 default on edge.

Identity

Amazon Cognito with the authorization-code + PKCE flow on every customer-facing app. MFA enforced on the AWS console and the GitHub organisation. SSO available on enterprise plans (SAML 2.0, OIDC).
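
What the PKCE part of that flow actually guarantees, as an added example rather than the platform's code: the client derives an S256 challenge from a fresh verifier, the authorization server binds the challenge to the issued code, and the token endpoint only honours the code if the presenter can produce the matching verifier. The AuthorizationServer class below is a stand-in for the provider's /oauth2/authorize and /oauth2/token endpoints, not Cognito's implementation; the run_flow scenario is constructed for the example.

```python
"""Authorization code + PKCE (RFC 7636) with the S256 method, the flow a
public client runs against an OAuth 2.0 / OIDC provider such as Cognito.
Added example, not the platform's code; AuthorizationServer is a stand-in."""
import base64
import hashlib
import hmac
import re
import secrets
from typing import Dict, Optional, Tuple

_VERIFIER_RE = re.compile(r"^[A-Za-z0-9\-._~]{43,128}$")  # RFC 7636 section 4.1 grammar


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def new_code_verifier(n_bytes: int = 32) -> str:
    """32 random bytes encode to 43 chars (the RFC minimum); 96 bytes give the 128 maximum."""
    if not 32 <= n_bytes <= 96:
        raise ValueError("entropy must be 32..96 bytes to stay within 43..128 chars")
    return _b64url(secrets.token_bytes(n_bytes))


def code_challenge_s256(verifier: str) -> str:
    """code_challenge = BASE64URL(SHA256(ASCII(code_verifier))), unpadded."""
    if not _VERIFIER_RE.match(verifier):
        raise ValueError("code_verifier must be 43..128 unreserved characters")
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())


class AuthorizationServer:
    """Minimal stand-in for the /oauth2/authorize and /oauth2/token endpoints."""

    def __init__(self) -> None:
        self._codes: Dict[str, Tuple[str, str]] = {}  # code -> (challenge, method)

    def authorize(self, code_challenge: str, code_challenge_method: str) -> str:
        # Refuse 'plain' outright: with it a leaked challenge *is* the verifier.
        if code_challenge_method != "S256":
            raise ValueError("only S256 is accepted")
        code = _b64url(secrets.token_bytes(16))
        self._codes[code] = (code_challenge, code_challenge_method)
        return code

    def token(self, code: str, code_verifier: str) -> Optional[str]:
        """Issue a token only if SHA256(verifier) matches the challenge bound to the code.
        The code is consumed whatever the outcome, so it cannot be retried or replayed."""
        stored = self._codes.pop(code, None)
        if stored is None:
            return None
        challenge, _method = stored
        try:
            recomputed = code_challenge_s256(code_verifier)
        except ValueError:
            return None
        if not hmac.compare_digest(recomputed, challenge):
            return None
        return "access-token-" + _b64url(secrets.token_bytes(8))


def run_flow() -> Dict[str, bool]:
    """Legitimate exchange, a replay of the same code, and an interceptor who
    captured the redirect (the code) but not the verifier held in the client."""
    server = AuthorizationServer()
    verifier = new_code_verifier()
    code = server.authorize(code_challenge_s256(verifier), "S256")
    legit = server.token(code, verifier)
    replay = server.token(code, verifier)                        # code is single-use
    code2 = server.authorize(code_challenge_s256(new_code_verifier()), "S256")
    stolen = server.token(code2, new_code_verifier())            # wrong verifier
    return {"legit": legit is not None, "replay": replay is not None, "stolen": stolen is not None}
```

Two details carry the security of the scheme and are easy to get wrong in a hand-rolled server: the verifier comparison is constant-time, and the code is popped from the store before validation so a failed attempt cannot be repeated against the same code.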

Access controls

Least-privilege IAM, every role tagged + attestable. CODEOWNERS on sensitive paths (.claude/, infrastructure/, data-platform-config/). Branch protection + required CI on all merges to main. No manual AWS changes — GitOps-only (Constitution Article C8).

Audit trail

AWS CloudTrail multi-region (90-day hot retention, 7-year Glacier). Git history immutable per branch protection. Every Lambda invocation observable in CloudWatch with structured logging (Constitution Article C11).

Secrets management

AWS SSM Parameter Store (KMS-encrypted) for all service config. AWS Secrets Manager for rotating credentials. gitleaks pre-commit hook on every repo. No secrets in code, no secrets in Terraform state.

Documentary review cadence

PSI (Politique Sécurité Information, the information security policy), PAS (Politique d'Accès aux Systèmes, the system access policy), PRA (Plan de Reprise d'Activité, the disaster recovery plan) and the security policy: reviewed annually and after any incident. Review log auditable on request.

Data residency

Primary: AWS eu-west-3 (Paris). Customer-specific residency available on request (EU-only commitments enforced via IAM SCPs).

Responsible disclosure

Vulnerability reports: see SECURITY.md in our public repos. Acknowledgement within 48h, remediation tracked per CVSS.


AI governance

All AI-generated content carries an AiBadge with method, model, source, generation date (rule FE13). EU AI Act Art. 50 transparency from day one. Lineage tracked end-to-end (verbatim → study → claim).

SUB-PROCESSORS

The vendors we depend on, and what they do.

Updated whenever we add or remove a sub-processor. Subscribe to changes via the change feed below. Last reviewed 2026-05-05.

Vendor     Role                                                 Region                            DPA
AWS        Cloud infrastructure (compute, storage, identity)    eu-west-3                         AWS GDPR DPA
GitHub     Source code hosting + CI/CD                          EU + US                           GitHub DPA
Anthropic  LLM API (Claude) for synthesis + agents              EU + US (data-zone configurable)  Anthropic DPA
OpenAI     LLM API (GPT) for fallback synthesis (configurable)  EU + US                           OpenAI DPA

Subscribe to sub-processor changes (RSS) →

REQUESTABLE DOCUMENTS

Contract-grade artefacts on request.

These documents support enterprise procurement and security review. Available under NDA via your account contact, or directly via the address below.

  • Data Processing Agreement (template) · Available on request
  • CAIQ Lite (Cloud Security Alliance), pre-filled · Available on request
  • SIG Lite (Shared Assessments), pre-filled · Available on request
  • ISO 27001 Statement of Applicability (excerpt) · Available Q3 2026

© 2026 · SemantiWeb SAS · Paris · A research-grade insights craft, codified.