Trust Centre

Security, compliance, and transparency

Architectural guarantee

Enforcement happens before the action executes. Prompts and responses pass through and are not retained; SHA-256 hashes and signed metadata are stored per your retention tier.

AqtaCore is the vehicle for that guarantee. The gateway evaluates policy before any model call leaves the perimeter, signs the verdict with an Ed25519 key, and returns a cryptographic receipt to the caller. Prompts, responses, and PII pass through; they are not retained.

Request flow

Client (request) → AqtaCore gateway (policy enforced, Ed25519 signed) → Client (+ receipt) → Auditor (verifies offline)

The auditor verifies the receipt against the published Ed25519 public key. No Aqta server is in the trust path. See the technical walkthrough for the cryptography.

Sub-processors

Three third parties may process operational metadata on our behalf, all EU-resident, all under GDPR Article 28(2) general written authorisation with a 30-day prior notice commitment for any change. AqtaCore stores SHA-256 hashes of prompts; no sub-processor receives prompt or response text.

Amazon Web Services: Cloud infrastructure

Compute, primary database, transactional email, content delivery, key management.

Region: European Union.
Entity: Amazon Web Services EMEA SARL, Luxembourg.

AWS DPA
Vercel: Frontend hosting

Hosting for aqta.ai and the dashboard frontend. Cookieless aggregated web analytics.

Region: European Union edge only.
Entity: Vercel B.V., Amsterdam.

Vercel DPA
Auth0: Identity

Authentication and enterprise SSO (SAML, OIDC) for customer organisations.

Region: European Union tenant.
Entity: Okta, Inc., EU tenant under EU SCCs.

Auth0 GDPR

All processing remains within the EU. Any future third-country transfer would execute the EU SCCs 2021/914 module 3 with a Schrems II transfer impact assessment, after 30-day customer notice. Customers may object in writing within the notice window and terminate the affected service for cause. To subscribe to change notifications, email hello@aqta.ai with subject SUBPROCESSORS.


Regulatory Compliance & Standards Alignment

AqtaCore is designed to satisfy the technical requirements of AI-governance frameworks across the EU, US, UK, and Asia-Pacific. Regulators worldwide are converging on the same core requirement: AI decisions must be recorded, traceable, and independently verifiable. AqtaCore returns Ed25519-signed receipts that satisfy that requirement against any framework on the list below.

We distinguish between Aligned Standards (where we map our cryptographic telemetry, policy engines, and signed receipt attributes directly to specific legal articles to enable client-side compliance within their own deployments) and Certifications (such as ISO/IEC 42001, which require independent third-party audits and are on our active operational roadmap). None of the legal frameworks below offer vendor-level certifications; rather, our infrastructure is engineered to support your compliance with the following:

NIST AI RMF (Aligned)

NIST AI 100-1, January 2023. Detailed crosswalk mapping our gateway enforcement and signed attestation outputs to the four core functions: govern, map, measure, manage. The de facto US federal reference model for AI risk.

Framework
ISO/IEC 42001 (Roadmap)

International AI management-system standard. Our platform is built to align with these controls; formal third-party certification is on our active operational roadmap.

Standard
EU AI Act (Aligned)

Regulation (EU) 2024/1689. Articles 12 (record-keeping), 14 (human oversight), 50 (transparency), 72 (post-market monitoring). Article 50 transparency obligations apply from 2 August 2026; Article 12 logging obligations apply to high-risk systems from 2 August 2026.

Official text
DORA · MiFID II · NIS2 · SR 11-7 (Aligned)

Cross-jurisdictional finserv stack. DORA Article 6 (ICT risk, EU, in force since 17 January 2025), MiFID II Article 16 (record-keeping, EU/UK), NIS2 incident handling (EU), and US Federal Reserve SR 11-7 (model risk management). Supporting client audits under engagement.

GDPR (Aligned)

Article 25: data protection by design and by default. EU-hosted across AWS (Ireland, Frankfurt) and Google Cloud (Belgium); US (us-east-1, us-west-2) and UK (eu-west-2 London) regions available on the 2026 roadmap.

Learn more
FCA Consumer Duty · ICO AI guidance (Mapping)

UK Financial Conduct Authority Consumer Duty PS22/9 (good consumer outcomes from AI-influenced decisions) and ICO AI auditing framework. UK enforcement maps cleanly onto AqtaCore's decision-bound receipt model.

FCA Consumer Duty
US state AI laws (Mapping)

Colorado Consumer Protections for AI Act (effective Feb 2026), NYC Local Law 144 (automated hiring decisions, in force), California AB-2013 + SB-1047 trajectory, Illinois AI Video Interview Act. AqtaCore receipts satisfy the per-decision evidence requirement across the patchwork.

HIPAA-ready architecture (Aligned)

PHI redaction, end-to-end transit encryption, on-premises deployment options. Engineered to align with US healthcare safety requirements. BAA discussions for Enterprise are open on request.

Singapore Model AI Governance Framework (Mapping)

Personal Data Protection Commission (PDPC) Model AI Governance Framework v2 + AI Verify toolkit. Singapore is the regional reference for Southeast Asia; AqtaCore's receipts plug into AI Verify's technical-testing requirement.

Framework

Human in the loop

EU AI Act Article 14 requires that high-risk AI systems be designed so a human can intervene, override, or refuse the system's output. Without a per-decision signed receipt, that requirement is a checkbox that a deployer cannot operationally satisfy. With AqtaCore, every AI decision carries a signed record that a human reviewer can inspect, contest, and override.

The reviewer's decision is itself signed and chained to the original receipt under the same Ed25519 verifier. A regulator inspecting the chain sees not only what the AI decided but who reviewed it, when, and what they overrode. Article 14 becomes a verifiable property of the system rather than a policy statement. The same primitive also serves Article 12 record-keeping (the signed chain is the kept log) and Article 14 human oversight (the human-review chain is part of the kept log).

Honest scoping. Receipts make oversight feasible; they do not perform the oversight. The reviewer's judgement is the reviewer's. AqtaCore captures it as a counter-signed record so a regulator can later verify the oversight actually happened, not just that the policy required it.

Sustainability disclosure

The EU Corporate Sustainability Reporting Directive (CSRD), in force for large companies from financial-year 2024 reporting onward, and the parallel ISSB IFRS S2 standard for capital-markets disclosure, both require quantitative and verifiable evidence of environmental impact. AI-related disclosures are increasingly within scope, including per-deployment energy consumption, upstream model-training footprint, and per-inference compute attribution by provider and region.

An AqtaCore receipt is the substrate a sustainability auditor needs to attribute energy and carbon at the AI-decision level. Every receipt carries an identified model, an identified provider, a precise timestamp, and a policy-lineage record. A CSRD or ISSB submission can use those fields, paired with per-model kWh-per-token estimates from the provider, to compute AI compute footprint with cryptographic provenance behind every line of the report. Anti-greenwashing regulations (EU Empowering Consumers Directive 2024; Green Claims Directive) prohibit unsubstantiated environmental claims for AI-influenced services; the receipts are the substantiation.

Honest scoping. AqtaCore receipts bound the evidence space for AI sustainability disclosure; they do not by themselves measure energy or emissions. A future ATTESTATION extension may carry signed per-inference compute-carbon attribution as a first-class field. Today, the receipt plus a provider-published energy figure is the operational pattern: the auditor verifies the receipt and applies the energy multiplier separately. The cryptographic property holds at the receipt layer regardless of where the energy figure comes from.

Trustworthy AI · ALTAI self-assessment

The seven key requirements from the EU High-Level Expert Group's Assessment List for Trustworthy AI (ALTAI). Each requirement names the artefact a reviewer can inspect, not an aspiration.

01 · Human agency & oversight

AqtaCore kill switch + policy engine, “Request Human Review” on every gateway call, Spectra voice/keyboard/gesture user choice, AqtaBio HITL sign-off field on top-1% risk tiles, Pulse patient-led clinical-scanning choice.

02 · Robustness & safety

Bounds Pro five-layer detection ensemble, Spectra graceful degradation when upstream constraints apply, Ed25519 receipt integrity, AqtaBio receipt survival across deploys, Pulse offline-first sensor calibration.

03 · Privacy & data governance

Bounds Pro fully on-device PDF redaction, Spectra camera frames never leave the browser, Pulse on-device biometric extraction (rPPG/voice notes never uploaded), AqtaCore zero PII stored, AqtaBio anonymous-tiles gate on the public API.

04 · Transparency

ATTESTATION-v1 open spec (CC BY 4.0), reference verifiers on PyPI and npm, weekly signed AqtaBio commits, SHAP attribution, per-product /architecture pages.

05 · Diversity, non-discrimination & fairness

Spectra is built for blind, low-vision, post-stroke, multilingual and hands-busy users. Testera serves nine standardised exams across multiple regions. Pulse voice diagnostics cover 70+ languages. AqtaBio publishes country-rank failure disclosures (the first prospective Ebola signal was rank 4, not rank 1, and we said so first).

06 · Societal & environmental wellbeing

AqtaBio One Health zoonotic-spillover signal, Pulse environmental + personal-health pairing under closed research pilot, Spectra accessibility for healthcare access, Apache 2.0 source releases on Bounds and Spectra.

07 · Accountability

Ed25519 signed receipts per AqtaCore AI call, offline verifier so the trust path doesn't go through Aqta's servers, public security policy (two-working-day acknowledgement, ten-working-day remediation), AqtaBio append-only public ledger of predictions.

Security Infrastructure

Encryption

AES-256 at rest. TLS 1.3 in transit. Ed25519-signed verdict at inference for every request. SHA-256 hash-chained audit logs at export, tamper-evident.

Access Controls

Role-based access management (RBAC). Multi-factor authentication enforced. Audit logs for every access event.

EU data sovereignty

EU-hosted by default across both clouds: AWS in Ireland (eu-west-1) and Frankfurt (eu-central-1), Google Cloud in Belgium (europe-west1). VPC isolation. Dedicated-region options on Enterprise plans.

Dublin-registered, GDPR Article 28 native

Aqta Technologies Limited, CRO 807530, Dublin. Registered office: 26/27 Upper Pembroke Street, Dublin 2, D02 X361, Ireland. Production gateway operating since 21 April 2026. No security incidents to date. Built to the EU regulatory bar; sells worldwide.

No PII in Session Metadata

Session metadata contains model ID, timestamp, cost, and policy result. No prompt content. No response content. No user data. Sessions auto-expire per your retention tier.

Data retention by tier

Tier-based and configurable, up to seven years for regulated-clinical retention. Custom on Enterprise. Applies to session metadata and signed receipt chains alike, and receipts remain offline-verifiable for the full retention window.

Incident Response

72-hour breach notification per GDPR Article 33. Documented incident response plan. Security contact: security@aqta.ai

Security Posture

We treat AqtaCore as a security-critical product because regulated buyers do. The current state of the security posture is documented here and refreshed at least quarterly.

Open attestation specification

The receipt format, two reference verifiers, and 14 EU AI Act + MDR-shaped conformance test vectors are public on github.com/Aqta-ai/attestation-spec under permissive licences. Customers can verify any receipt offline.

Per-receipt live chain

Every receipt records a SHA-256 chain hash that commits to the previous receipt for its org. Tampering with any historical row produces a hash mismatch on every later row. Authenticated callers verify their entire chain via the compliance API.

Groth16 zero-knowledge verifier available

Pairing-based zero-knowledge verifier exposed on the public API. A precomputed demo proof is verifiable end to end. Prover access is offered as a sidecar service for Enterprise tier; circuit details are shared with early-access customers under NDA.

Cross-org threat intelligence with privacy proofs

Early-access orgs see anonymised threat-pattern signals contributed by other participants, never the orgs themselves. Contributor counts are privacy-bucketed; raw figures are gated behind cryptographic commitments with differential privacy. Mechanism details available to early-access customers under NDA. General availability rolls in over the early-access programme.

Post-quantum migration documented

Not post-quantum secure today. The SHA-256 chain hash is quantum-resilient; signature primitives need migration. Post-quantum migration roadmap aligned with NIST FIPS 204/205/206 is documented in our DPA, available on request.

DPA available on request

GDPR Article 28 Data Processing Agreement available for early-access customers and Enterprise contracts. Email legal@aqta.ai with your legal entity.

Dependency hygiene

All third-party Python and Node dependencies are pinned. npm audit and pip-audit run on every CI build. SBOM available on request.

Reviewed quarterly

Penetration-test and formal-verification path discussed with enterprise early-access customers under NDA; specifics are scoped per engagement. Confidential security disclosures: SECURITY.md (acknowledgement within two working days).

Data protection contact

For data-subject requests (access, rectification, erasure, portability, restriction, objection) and any data-protection enquiry, email hello@aqta.ai with the subject line DPO REQUEST. We will acknowledge receipt within two working days and respond substantively within thirty days, as required under GDPR Article 12(3). Where we cannot meet that window we will tell you why and when we will, before the thirty days elapse.

Aqta Technologies Limited acts as data controller for visitor data on aqta.ai and as data processor for customer data inside AqtaCore deployments; sub-processors are listed on our sub-processors page.

Procurement pack

Six procurement artefacts are available on request: GDPR Data Processing Agreement, sub-processor list, Data Protection Impact Assessment, Business Continuity and Disaster Recovery policy, Information Security policy summary, and a scoped SIG or CAIQ-lite questionnaire. None are publicly downloadable. They are sent direct to your inbox so we can record what was shared, with whom, and on what date.

Request the procurement pack. Standard SLA is one business day.