Trust & Security

AIDAL Security Overview

AIDAL runs on AWS ap-southeast-1 (Singapore region) via Railway. All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Decision data is isolated per company — no company can access another company's data. AI explanations are generated via Groq, which is SOC 2 Type II certified. No raw decision data is shared with any other third party. AIDAL staff access to production data requires explicit authorization.

🏗️
Infrastructure
Hosted on AWS ap-southeast-1 (Singapore) via Railway. Regional deployment ensures data residency in Southeast Asia in compliance with MAS FEAT and OJK guidelines.
🔒
Encryption
All data encrypted at rest using AES-256. All data in transit protected by TLS 1.3. Encryption keys are managed and rotated using industry-standard practices.
🏢
Data Isolation
Decision data is strictly isolated per company. No company can access another company's data. Tenant isolation is enforced at the database and API layer.
🤖
AI Processing
AI explanations are generated via Groq, which holds SOC 2 Type II certification. No raw decision data is shared with any other third party.
🛡️
Access Control
AIDAL staff access to production data requires explicit authorization. Access is logged, reviewed, and granted on a least-privilege basis.
⛓️
Cryptographic Integrity
Every decision record is sealed in a SHA-256 hash chain and anchored to the Polygon PoS network every 6 hours, creating a tamper-proof, court-admissible audit trail.
Security questions or to report a vulnerability: anthony@tryaidal.com