Trust & Compliance
How we treat your data and your likeness.
A categorical view of our security and compliance posture. The implementation-specific details — vendor list, region footprint, control-by-control evidence — live in our Data Processing Addendum and SOC 2 report, both shared with enterprise customers under NDA during procurement.
Identity & access
- [Shipped] Hardened authentication: Authentication is handled by an enterprise-grade identity service with server-managed password policies. Plaintext credentials never reach our application servers.
- [Shipped] Sealed-session architecture: Session state lives in an encrypted, signed, HTTP-only cookie. There is no server-side session store and there are no long-lived tokens.
- [Shipped] Least-privilege access controls: Production resources are scoped to the minimum permissions each role and service requires.
- [Roadmap] Enterprise SSO (SAML / OIDC): Bring-your-own identity provider for enterprise customers. Available on request alongside the standard product roadmap.
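How a sealed session of this kind is typically built, shown as an added example rather than the platform's own code (the page does not publish it): the serialised session state is sealed under AES-256-GCM, the cookie carries nonce, ciphertext and tag, and the unseal step rejects anything tampered, truncated, sealed under another key, or past its expiry. The Session fields, the `__Host-session` cookie name and the 30-minute lifetime are assumptions for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
	"time"
)

// Session is the state sealed into the cookie. The fields are an assumption
// for this example; the page does not say what the product stores.
type Session struct {
	UserID    string    `json:"uid"`
	IssuedAt  time.Time `json:"iat"`
	ExpiresAt time.Time `json:"exp"`
}

var ErrBadSession = errors.New("session cookie invalid or expired")

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts and authenticates the session under AES-256-GCM. The GCM tag
// covers the ciphertext, so one key gives both secrecy and integrity.
func Seal(key []byte, s Session) (string, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	plain, err := json.Marshal(s)
	if err != nil {
		return "", err
	}
	// Layout: nonce || ciphertext || tag, URL-safe base64 so it is cookie-legal.
	return base64.RawURLEncoding.EncodeToString(aead.Seal(nonce, nonce, plain, nil)), nil
}

// Unseal reverses Seal. A flipped bit, a truncation or a different key fails
// the GCM tag check; an intact but expired session is rejected as well.
func Unseal(key []byte, value string, now time.Time) (Session, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return Session{}, err
	}
	raw, err := base64.RawURLEncoding.DecodeString(value)
	ns := aead.NonceSize()
	if err != nil || len(raw) < ns {
		return Session{}, ErrBadSession
	}
	plain, err := aead.Open(nil, raw[:ns], raw[ns:], nil)
	if err != nil {
		return Session{}, ErrBadSession
	}
	var s Session
	if err := json.Unmarshal(plain, &s); err != nil || !now.Before(s.ExpiresAt) {
		return Session{}, ErrBadSession
	}
	return s, nil
}

// SessionCookie sets the browser-side attributes: HttpOnly keeps the value away
// from script, Secure and the __Host- prefix pin it to HTTPS on this host only,
// and SameSite=Lax withholds it from cross-site POSTs.
func SessionCookie(sealed string, exp time.Time) *http.Cookie {
	return &http.Cookie{
		Name:     "__Host-session",
		Value:    sealed,
		Path:     "/",
		Expires:  exp,
		HttpOnly: true,
		Secure:   true,
		SameSite: http.SameSiteLaxMode,
	}
}

func main() {
	key := make([]byte, 32) // constructed demo key; real keys live in a KMS
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	now := time.Now()
	s := Session{UserID: "artist-42", IssuedAt: now, ExpiresAt: now.Add(30 * time.Minute)}
	sealed, _ := Seal(key, s)
	fmt.Println(SessionCookie(sealed, s.ExpiresAt).String())
	back, err := Unseal(key, sealed, now.Add(time.Minute))
	fmt.Println(back.UserID, err)
}
```

The trade-off behind "no server-side session store" is visible in Unseal: nothing can be looked up and struck out, so a session can only be invalidated early by rotating the sealing key (which ends every session at once) or by keeping the lifetime short and re-issuing. That is why the design pairs with "no long-lived tokens". Random 96-bit GCM nonces are safe at cookie-issuance volumes, but the key should still be rotated on a schedule.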
Data protection
- [Shipped] Encryption in transit: All traffic between client, edge, and origin is TLS 1.2 or higher.
- [Shipped] Encryption at rest: Stored data and media assets are encrypted at rest with industry-standard managed keys.
- [Roadmap] Customer-managed keys: Bring-your-own-key support for enterprise customers with regulatory requirements.
- [Roadmap] Regional data residency options: Additional residency options are in scope for customers with data-locality requirements.
Consent & provenance
- [Shipped] Affirmative consent at recording: Every digital twin is created from a take the artist actively recorded with us. We do not scrape, crawl, or accept third-party uploads of someone else's likeness.
- [Shipped] Enumerated boundaries on every contract: Allowed and excluded use cases are written into the contract, visible to leasing enterprises before they commit, and surfaced on the artist's public member page.
- [Shipped] Revocation with a 90-day minimum window: Artists can revoke any active lease. The platform honours a minimum 90-day wind-down so a brand's existing campaigns can end cleanly.
- [Shipped] Provenance metadata on every render: Each render carries verifiable metadata binding it to a contract id, an artist consent record, and an immutable audit log entry.
- [In progress] Embedded C2PA signing: Embedded provenance signatures conformant with the Coalition for Content Provenance and Authenticity (C2PA) specification, rolling out across the render pipeline.
Compliance & audit
- [In progress] SOC 2 Type II controls: We operate against SOC 2 Type II-aligned controls today. An independent attestation engagement is underway; the report will be available to enterprise customers under NDA when complete.
- [Shipped] California AB 2602 + SB 942: Disclosure, consent, and revocation posture aligned with California's digital-replica statutes.
- [Shipped] EU AI Act Article 50 transparency: All synthetic media exported from the platform carries machine-readable metadata identifying it as AI-generated.
- [Roadmap] Third-party penetration testing: An independent penetration test is scheduled.
- [Roadmap] Responsible disclosure programme: A public security disclosure programme opens alongside the SOC 2 attestation.
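What "verifiable metadata binding a render to a contract id, a consent record and an audit log entry" and "machine-readable metadata identifying it as AI-generated" look like when reduced to code, as an added example that is not the platform's pipeline and not C2PA (a C2PA manifest is embedded in the asset and signed with COSE, which is outside this sketch): the render bytes are hashed into a manifest alongside the three identifiers and an AI-generated flag, the manifest is signed with Ed25519, and the verifier checks the signature before checking that the bytes in hand match the hash. The field names, the hash choice, the flag name and the seed-derived key are assumptions for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest is the provenance record attached to one render. The page names
// three bindings (contract, consent record, audit log entry); the field names,
// the SHA-256 choice and the ai_generated flag are assumptions for this example.
type Manifest struct {
	ContractID      string `json:"contract_id"`
	ConsentRecordID string `json:"consent_record_id"`
	AuditLogEntryID string `json:"audit_log_entry_id"`
	AIGenerated     bool   `json:"ai_generated"`
	RenderSHA256    string `json:"render_sha256"`
}

// SignedManifest is what travels with the render.
type SignedManifest struct {
	Manifest  Manifest `json:"manifest"`
	Signature string   `json:"signature"` // hex Ed25519 over the canonical manifest
}

var ErrProvenance = errors.New("provenance check failed")

// KeyFromSeed derives a fixed Ed25519 keypair from a 32-byte seed. Useful for
// tests; a production signing key would live in an HSM or KMS, not in memory.
func KeyFromSeed(seed []byte) (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(seed)
	return priv.Public().(ed25519.PublicKey), priv
}

// canonical serialises the manifest in a fixed field order so signer and
// verifier sign and check identical bytes. Struct order is stable in Go; a
// cross-language deployment would use a canonical JSON scheme such as JCS.
func canonical(m Manifest) ([]byte, error) {
	return json.Marshal(m)
}

// SignRender hashes the render bytes into the manifest and signs the manifest,
// binding pixels, contract, consent and audit entry into one signed statement.
func SignRender(priv ed25519.PrivateKey, render []byte, contract, consent, audit string) (SignedManifest, error) {
	sum := sha256.Sum256(render)
	m := Manifest{
		ContractID:      contract,
		ConsentRecordID: consent,
		AuditLogEntryID: audit,
		AIGenerated:     true,
		RenderSHA256:    hex.EncodeToString(sum[:]),
	}
	msg, err := canonical(m)
	if err != nil {
		return SignedManifest{}, err
	}
	return SignedManifest{Manifest: m, Signature: hex.EncodeToString(ed25519.Sign(priv, msg))}, nil
}

// VerifyRender checks the signature first, then that the render in hand is the
// one the manifest was issued for. An edited or re-encoded render fails the
// hash check even though the manifest itself still carries a valid signature.
func VerifyRender(pub ed25519.PublicKey, render []byte, sm SignedManifest) error {
	msg, err := canonical(sm.Manifest)
	if err != nil {
		return ErrProvenance
	}
	sig, err := hex.DecodeString(sm.Signature)
	if err != nil || !ed25519.Verify(pub, msg, sig) {
		return ErrProvenance
	}
	sum := sha256.Sum256(render)
	if hex.EncodeToString(sum[:]) != sm.Manifest.RenderSHA256 {
		return ErrProvenance
	}
	if !sm.Manifest.AIGenerated {
		return ErrProvenance // the machine-readable AI-generated marker is missing
	}
	return nil
}

func main() {
	seed := make([]byte, ed25519.SeedSize)
	seed[0] = 1 // constructed demo seed
	pub, priv := KeyFromSeed(seed)
	render := []byte("constructed stand-in for rendered media bytes")
	sm, err := SignRender(priv, render, "ctr-1001", "consent-77", "audit-9f2")
	if err != nil {
		panic(err)
	}
	out, _ := json.MarshalIndent(sm, "", "  ")
	fmt.Println(string(out))
	fmt.Println("intact render:", VerifyRender(pub, render, sm))
	render[0] ^= 0xff
	fmt.Println("edited render:", VerifyRender(pub, render, sm))
}
```

The order of checks in VerifyRender matters: an attacker who can edit the render can also rewrite an unsigned hash, so the signature over the manifest is what makes the hash meaningful, and the hash is what ties the signature to these particular bytes. A manifest that is detached from its render (sidecar JSON, as here) is easier to strip than an embedded one, which is the gap the in-progress C2PA work above is meant to close.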
Sub-processors and architecture
We work with a small set of established sub-processors across infrastructure, generation, billing, and transactional email. Each is contractually bound to a posture equivalent to our own. The current sub-processor list and architecture diagram are shared with enterprise customers under NDA during procurement.
Security contact
Report a security issue, request our DPA, or kick off a procurement security review: security@personalityai.net. We aim to acknowledge within one business day.
This page is reviewed quarterly. Detailed evidence and implementation specifics are provided under NDA on request.