Security and compliance

Enterprise-grade security. Transparent compliance posture.

Aegis Trace runs on certified cloud infrastructure with a security posture you can verify, not simply take on trust. Here is how your data is hosted, encrypted and controlled, and how the platform can be deployed to match your regulatory requirements.

Hosted on Google Cloud Platform#

Production infrastructure runs on Google Cloud Platform in EU data centres, on managed, enterprise-grade services backed by an enterprise SLA.

EU Data Residency#

All data processed and stored within EU regions (europe-west2, London). Full GDPR compliance by architecture.

Encryption at Rest and in Transit#

All data encrypted using AES-256 at rest and TLS 1.3 in transit. Certificate records are additionally protected by cryptographic signing with managed key infrastructure.

Role-Based Access Control with MFA#

Dashboard access requires multi-factor authentication. Three roles (Admin, Compliance Officer, Viewer) ensure appropriate access controls. Operator-managed onboarding with no self-registration.

Built on Secure, Industry-Certified Infrastructure#

Hosted on ISO 27001 and SOC 2 certified Google Cloud infrastructure. Enterprise security controls, audit logging, and encryption at rest and in transit.

HIPAA Ready#

Architecture supports HIPAA compliance requirements for healthcare deployments. BAA available on request.

Deployment and data residency

Deployed to match your regulatory requirements

Residency, cloud and deployment topology are configurable per client, so sensitive data stays where your regulator requires and the platform fits the way your firm already operates.

Data residency in your region#

The platform can be provisioned in the region your regulator requires, including the UK, the EU, the US, or in-region for other jurisdictions, so data stays within the boundary your obligations demand. The current default is the EU (europe-west2, London).

Deployment models to fit your posture#

Deployment is flexible to your security posture: a fully managed service, deployment into your own cloud account, or private, dedicated, on-premises or air-gapped options for the most sensitive environments.

Built for regulated firms#

Meet residency mandates, align with your existing cloud and security policies, and keep sensitive data inside your own boundary where required. The same security controls apply across every deployment model.