Public panel of the controls Data Riders publishes and keeps active for GISTM.ai and the rest of the agent portfolio. Each control listed here is auditable on request under NDA. Human accountability first; AI supports decisions — it does not replace them.
Last reviewed: 2026‑04‑27 · Next planned review: 2026‑10‑27 · Panel version: G40 · The controls below reflect what is published and running in production; evidence (CloudTrail logs, IAM configurations, sub‑processor contracts) is available under NDA via a DPA request.
TLS 1.2+ enforced on every API endpoint and web surface. No plaintext traffic is accepted.
Managed SaaS: platform‑managed encryption at rest. Private AWS: SSE‑KMS with customer‑controlled CMKs (rotation optional). S3 Object Lock available as an opt‑in configuration for tamper‑evident evidence buckets.
Uploaded documents are kept up to 30 days strictly for troubleshooting, then deleted. Only limited metadata is retained.
Your documents are not used to train foundation models — neither ours nor providers'. We distinguish: (i) foundation‑model training (forbidden, per our contracts with Bedrock, OpenAI Enterprise/ZDR and Anthropic) and (ii) tenant‑scoped continuous improvement via human feedback (only when contractually authorized and isolated per workspace). See Article 6 — Model Providers.
SAML SSO, SCIM provisioning and RBAC available on Enterprise plans of our managed SaaS and on every Private‑AWS deployment. Starter/Pro SaaS plans use email+password with mandatory MFA.
Multi-factor authentication enforced on all human accounts; scoped bearer tokens for machine-to-machine calls.
Strict IAM roles with least privilege, short-lived credentials and audit logging across every pipeline.
Microsoft Graph app-only integration scoped to Sites.Selected — granular, revocable site access, never tenant-wide.
Private-AWS deployment runs inside a customer-controlled VPC with private subnets and private networking between services.
Optional AWS WAF + Shield at the edge for layer-7 filtering and DDoS mitigation on publicly exposed endpoints.
Deploy GISTM.ai as pure managed SaaS, or in a private AWS account the client owns. You pick the sovereignty model.
CloudTrail, GuardDuty, AWS Config, Security Hub, Macie and Inspector — continuous logging, anomaly detection and misconfiguration alerts.
Baseline playbooks covering detection, containment (key rotation, grant revocation), recovery and transparent customer notification.
Append‑only audit logs in CloudTrail and the application pipelines; immutable storage via S3 Object Lock (opt‑in) on Private‑AWS deployments. Public sub‑processor list and Data Processing Addendum available at /en/sub-processors/ and on request.
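As an added example (not Data Riders' code), a Python check that evaluates a Private‑AWS evidence bucket's configuration against three controls stated on this panel: the TLS‑only rule, SSE‑KMS with a customer‑controlled CMK rather than platform‑managed encryption, and S3 Object Lock with a default retention. The inputs follow the shapes boto3's get_bucket_policy, get_bucket_encryption and get_object_lock_configuration return; the bucket name, account id and key id are constructed placeholders.

```python
# Constructed sample inputs, shaped like boto3 S3 client responses (not real account data).
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "DenyPlaintext", "Effect": "Deny", "Principal": "*", "Action": "s3:*",
    "Resource": ["arn:aws:s3:::example-evidence", "arn:aws:s3:::example-evidence/*"],
    "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}
SAMPLE_ENCRYPTION = {"ServerSideEncryptionConfiguration": {"Rules": [{
    "ApplyServerSideEncryptionByDefault": {
        "SSEAlgorithm": "aws:kms",
        "KMSMasterKeyID": "arn:aws:kms:eu-west-1:111122223333:key/00000000-0000-0000-0000-000000000000"},
    "BucketKeyEnabled": True}]}}
SAMPLE_LOCK = {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
    "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Years": 7}}}}

def _all_principals(stmt):
    p = stmt.get("Principal")
    return p == "*" or (isinstance(p, dict) and p.get("AWS") == "*")

def tls_only_enforced(policy):
    """True if a Deny statement covering every principal refuses non-TLS requests."""
    for stmt in policy.get("Statement", []):
        flag = str(stmt.get("Condition", {}).get("Bool", {}).get("aws:SecureTransport", "")).lower()
        if stmt.get("Effect") == "Deny" and _all_principals(stmt) and flag == "false":
            return True
    return False

def uses_customer_cmk(enc):
    """True only for SSE-KMS with an explicit key ARN; SSE-S3 and the AWS-managed aws/s3 key fail."""
    for rule in enc.get("ServerSideEncryptionConfiguration", {}).get("Rules", []):
        sse = rule.get("ApplyServerSideEncryptionByDefault", {})
        key = sse.get("KMSMasterKeyID", "")
        if sse.get("SSEAlgorithm") == "aws:kms" and key.startswith("arn:aws:kms:") and "alias/aws/" not in key:
            return True
    return False

def object_lock_enabled(lock):
    """True if Object Lock is on and a default retention rule makes evidence tamper-evident."""
    cfg = lock.get("ObjectLockConfiguration", {})
    return cfg.get("ObjectLockEnabled") == "Enabled" and "DefaultRetention" in cfg.get("Rule", {})

def evaluate_evidence_bucket(policy, enc, lock):
    """Return one pass/fail flag per control listed on the trust panel."""
    return {"tls_only": tls_only_enforced(policy),
            "customer_cmk": uses_customer_cmk(enc),
            "object_lock": object_lock_enabled(lock)}

if __name__ == "__main__":
    for control, ok in evaluate_evidence_bucket(SAMPLE_POLICY, SAMPLE_ENCRYPTION, SAMPLE_LOCK).items():
        print(f"{control:13s} {'PASS' if ok else 'FAIL'}")
```

Wire the three functions to live boto3 calls to audit a real bucket; note that get_object_lock_configuration raises an error when Object Lock was never enabled, which the check should treat as a failure.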
People‑first: formal client deliverables (reports, opinions, gap analyses, action plans) and security incidents have a named human owner who reviews and signs them before publication. Conversational widget outputs and exploratory iterations inside the agents are tagged as decision support — not as engineering opinions — and don't require sign‑off.
✅ available · ⚠️ depends on plan/configuration · ❌ not available in this mode. On‑premises is evaluated case‑by‑case and requires the customer's AI stack (vLLM, Bedrock VPC endpoint or Azure OpenAI).
Retentions can be shortened by contract. See also Privacy Policy and Sub‑processors.
Bedrock does not use prompts or responses to train foundation models, neither AWS's nor the hosted providers'. Customer logs stay in the customer's AWS account. Recommended for regulated clients. Policy: aws.amazon.com/bedrock/security-compliance.
API and Enterprise: zero‑data‑retention (ZDR) available; no foundation‑model training on customer data. Without ZDR, retention up to 30 days for abuse detection. Policy: openai.com/policies/api-data-usage-policies.
Anthropic commercial API: does not train models on inputs/outputs unless the customer opts in. Policy: anthropic.com/legal/commercial-terms.
When the customer authorizes it by contract, human feedback (corrections, ratings) is used to refine prompts, RAG rules and few‑shot examples scoped to the customer's workspace. This is not foundation‑model training — it's agent configuration. The customer can revoke and export at any time.
Industry benchmarks published by Data Riders are built exclusively from (a) aggregated, anonymized public data (public GISTM/TSM/Copper Mark reports, ANM, ICMM, IRMA datasets) and/or (b) client data expressly authorized by contract, always anonymized at the site level before aggregation. We do not use one client's data to generate benchmarks consumed by another without written authorization. See Terms of Use, §6 — Secondary use of data.
Every delivery matches the contracted scope. Objective non-conformities are corrected at no extra cost.
Zero tolerance for violence, harassment and abuse — prevention, active listening and safe reporting channels.
Strict anti-corruption standards aligned with TSM and The Copper Mark, with periodic review and certification.
Transparent rules for gifts, hospitality and interaction with public agents — integrity over convenience.
Diversity, equity, inclusion and a sustainability-first lens built into every engagement.
A single Code that governs how we work with clients, communities and each other — reviewed and trained periodically.
This page. Security, privacy and AI-governance controls, people-first accountability, and protection that survives audits.