
Infrastructure & Data Security Policy

Diligio operates a zero-trust, mathematically isolated infrastructure designed to outperform the bloated architectures of legacy platforms.

1. Data Isolation & Tenancy

All organisational reference brain assets and human-catalogued documents are strictly siloed using PostgreSQL Row-Level Security (RLS) at the database engine level. Cross-tenant data contamination is mathematically impossible under this architecture.

2. Infrastructure Hosting

Frontend operations are distributed via Vercel Edge networks. Core database persistence and file storage (1TB Sovereign Capacity vaults) are natively provisioned on Amazon S3 (AWS) and Tier-III cloud facilities via Supabase routing tunnels.

3. Redundancy & Recovery

The platform utilises multi-Availability Zone automated file replication and high-frequency continuous disaster recovery loops to ensure uninterrupted enterprise continuity.

4. Encryption & Cryptographic Controls

Data at Rest: All proprietary records and database volumes are encrypted with AES-256 across our AWS and Supabase infrastructure.

Data in Transit: All data transmission, API payloads, and edge routing telemetry are encrypted in transit using TLS 1.2+ over HTTPS.

5. Access Control & Authentication

Platform access is governed by strict authentication protocols. Tenant workspaces utilise role-based access control (RBAC) to ensure that users can only access resources explicitly authorised for their operational tier.

6. LLM & AI Model Data Boundaries

Inbound catalogued documentation and reference strings are parsed using fully sandboxed processing parameters. We maintain zero data footprint retention loops for active subscriptions: your corporate inputs and proprietary data are strictly confidential and are never utilised to train foundational models.

7. Vulnerability Management & Responsible Disclosure

Our application code stack runs under constant validation tracking, with automated dependency mapping and patching to clear potential exploits before deployment.

Responsible Disclosure: We highly value the security research community. While we do not currently operate a paid bug bounty program, we welcome responsible disclosure from white-hat researchers and will publicly acknowledge individuals who report serious, verifiable vulnerabilities. Please direct all security reports to security@diligio.co.

8. Compliance Validation Target

SOC 2 Type II and ISO/IEC 27001 certifications are planned. We are actively building toward formal third-party attestation of our security controls.