Governance Layer
Aqta is a governance layer that prevents architectural mistakes. The Chat & Ask AI breach validates our governance-first approach: metadata provides audit trails without privacy compromise.
Our architecture makes certain breach scenarios impossible — we cannot leak what we never store.
Compliance & Certifications
GDPR-Aligned Architecture
Data protection by design (Article 25). EU-based hosting with full data sovereignty. Infrastructure built for GDPR compliance.
EU AI Act Architecture
Infrastructure designed for August 2026 enforcement. Articles 12, 14, 72 compliant architecture. Certification in progress.
HIPAA-Ready Infrastructure
Infrastructure designed for HIPAA compliance. PHI encryption at rest and in transit. Business Associate Agreement (BAA) in development for healthcare customers.
Security Infrastructure
Encryption
AES-256 encryption at rest. TLS 1.3 in transit. Zero-knowledge architecture for sensitive data.
Access Controls
Role-based access control (RBAC). Multi-factor authentication. Audit logs for all access events.
Data Sovereignty
EU-based hosting (Ireland). VPC isolation available. Dedicated region options for enterprise.
Incident Response
24-hour breach notification. Documented incident response plan. Security contact: security@aqta.ai
Regulatory Framework
Aqta's architecture is designed to meet the requirements of major AI and data protection regulations:
- EU AI Act (2024/1689) — Articles 12 (transparency), 14 (human oversight), 72 (record-keeping)
Official Text → - GDPR Article 25 — Data protection by design and by default
Learn More → - NIST AI RMF — AI Risk Management Framework (trustworthiness principles)
Framework → - HIPAA — Business Associate Agreement available for healthcare deployments
Company Information
Aqta Technologies Ltd
Registered in Ireland
Company Registration Number (CRO): 807530
Security Contact: security@aqta.ai
General Enquiries: hello@aqta.ai