Encryption
Data in transit and at rest is encrypted using platform-native controls and key management aligned to deployment boundaries.
Trust Center
Data handling controls
Data handling policies are defined before deployment: encryption controls, retention windows, access boundaries, and residency options.
Retention
Retention windows are defined by policy tiers. Operational logs and evidence artifacts follow documented retention and deletion schedules.
Access control
Access is role-scoped with least-privilege defaults and approval checkpoints for high-risk actions.
Residency options
Projects can be deployed with residency-first boundaries in private cloud, VPC, or on-prem patterns based on risk posture.