Data isolation
All customer operational data is isolated at the database row level using Postgres Row Level Security with FORCE enforcement. No application-layer query can access another tenant's data regardless of what an AI model instructs.
Trust / Security Packet
This packet summarizes the data architecture, encryption posture, access model, compliance status, and operational controls available for enterprise security and procurement review.
All customer operational data is isolated at the database row level using Postgres Row Level Security with FORCE enforcement. No application-layer query can access another tenant's data regardless of what an AI model instructs.
Operational records, governance decisions, session timelines, and audit events are retained for the duration of your contract plus 90 days, unless a shorter retention period is agreed in your DPA. Deletion requests are honored within 30 days.
Operious processes customer contact data for the sole purpose of executing governed operational workflows. Customer data is never used for model training. Customer data is never shared across tenants.
Default deployment: AWS ap-southeast-1 (Singapore) for APAC clients. Regional deployment options available for EU and US requirements. VPC and private deployment available under enterprise agreement.
All tenant data encrypted at rest using AES-256-GCM. Tenant channel credentials - API keys, webhook secrets, access tokens - are encrypted with tenant-specific keys. Credentials are never returned in API responses.
All client-server communication over TLS 1.3. Internal service communication encrypted in transit. No plaintext credential transmission at any layer.
Every governance decision is signed with HMAC-SHA256. Every session event carries a UUID5 deterministic identity. Audit records are append-only by architecture - no record can be modified after creation, at the application or database layer.
Each enterprise client is a separate tenant. Tenant boundaries are enforced at the database layer with mandatory Row Level Security. No operator can access tenant data through application interfaces.
Role-based access control enforced via Auth0. Operator, supervisor, manager, and analyst roles available. Role permissions are configurable per tenant.
SSO integration available for enterprise clients. SAML 2.0 and OIDC supported. SCIM provisioning available on request.
Audit planning in progress. Target: Q3 2026. Operious does not present in-progress certifications as completed. Pre-SOC 2 architecture review and security questionnaire responses available upon request.
Business Associate Agreement available for healthcare clients where deployment scope and controls are reviewed and agreed.
Data Processing Addendum available on request. Subprocessor list maintained and available to enterprise clients. Data subject request handling supported.
Security disclosures accepted at security@operious.com. Response within 24 hours for critical reports.
Security incident notification within 72 hours of confirmed breach affecting tenant data, per applicable regulatory requirements.
Third-party penetration testing planned for Q3 2026 alongside SOC 2 audit. Results shared with enterprise clients under NDA.
Software dependencies audited continuously. Zero CVE-affecting dependencies in production stack.
For a complete security review packet including data flow diagrams, identity model, tenancy architecture, and security questionnaire responses, request a security review.
Request Security Review