Architectural guarantee
We cannot leak what we never store.
AqtaCore™ is an enforcement proxy that runs before the action executes. It signs every decision, enforces every policy, and returns a cryptographic receipt. Prompts, responses, and PII are never stored by default.
Request flow
The auditor verifies the receipt against the published Ed25519 public key. No Aqta server is in the trust path. See the technical walkthrough for the cryptography.
Regulatory Compliance & Standards Alignment
AqtaCore is designed to satisfy the stringent technical requirements of major international regulations and data protection frameworks. To maintain full transparency, we distinguish between Aligned Standards (where we map our cryptographic telemetry, policy engines, and signed receipt attributes directly to specific legal articles to enable client-side compliance within their own deployments) and Certifications (such as ISO/IEC 42001, which require independent third-party audits and are on our active operational roadmap). None of the legal frameworks below offer vendor-level certifications; rather, our infrastructure is engineered to support your compliance with the following:
EU AI Act
Articles 12, 14, 72: transparency, human oversight, and record-keeping. Architectural features are engineered to enable client-side compliance ahead of the August 2026 enforcement. Official text →
GDPR
Article 25: data protection by design and by default. EU-hosted across AWS (Ireland, Frankfurt) and Google Cloud (Belgium) to enable full data sovereignty and localized processing compliance within the EU. Learn more →
HIPAA
PHI redaction, end-to-end transit encryption, and on-premises deployment options. Engineered to align with healthcare safety requirements. BAA discussions for Enterprise are open on request.
NIST AI RMF
Detailed alignment crosswalk mapping our gateway enforcement and signed attestation outputs to the NIST AI Risk Management Framework. Available to early-access partners. Framework →
ISO/IEC 42001
International AI management-system standard. While our platform is technically built to align with these controls, formal third-party certification is scheduled on our active operational roadmap.
Financial services
Technical alignment shipped to support regulated financial services (Article 6 ICT risk evidence, Article 16 record-keeping, and NIS2 incident handling). Supporting client audits under engagement. See FinServ →
Trustworthy AI · ALTAI self-assessment
The seven key requirements from the EU High-Level Expert Group's Assessment List for Trustworthy AI (ALTAI). Each requirement names the artefact a reviewer can inspect, not an aspiration.
Human agency and oversight
AqtaCore kill switch + policy engine, “Request Human Review” on every gateway call, Spectra voice/keyboard/gesture user choice, AqtaBio HITL sign-off field on top-1% risk tiles, Pulse patient-led clinical-scanning choice.
Technical robustness and safety
Bounds Pro five-layer detection ensemble, Spectra deterministic walkthrough fallback when the live agent hits quota, Ed25519 receipt integrity, AqtaBio per-revision signing seed so receipts survive deploys, Pulse offline-first sensor calibration.
Privacy and data governance
Bounds Pro fully on-device PDF redaction, Spectra camera frames never leave the browser, Pulse on-device biometric extraction (rPPG/voice notes never uploaded), AqtaCore zero PII stored, AqtaBio anonymous-tiles gate on the public API.
Transparency
ATTESTATION-v1 open spec (CC BY 4.0), reference verifiers on PyPI and npm, weekly signed AqtaBio commits, SHAP attribution, per-product /architecture pages.
Diversity, non-discrimination and fairness
Spectra is built for blind, low-vision, post-stroke, multilingual and hands-busy users. Testera serves nine standardised exams across multiple regions. Pulse voice diagnostics cover 70+ languages. AqtaBio publishes country-rank failure disclosures (the first prospective Ebola signal was rank 4, not rank 1, and we said so first).
Societal and environmental well-being
AqtaBio One Health zoonotic-spillover signal, Pulse hospital validation in Thailand pairing environmental telemetry with personal health, Spectra accessibility for healthcare access, Apache 2.0 source releases on Bounds and Spectra.
Accountability
Ed25519 signed receipts per AI call, offline verifier so the trust path doesn't go through Aqta's servers, public security policy (two-working-day acknowledgement, ten-working-day remediation), AqtaBio append-only public ledger of predictions.
Security Infrastructure
Encryption
AES-256 at rest. TLS 1.3 in transit. Ed25519-signed verdict at inference for every request. SHA-256 hash-chained audit logs at export, tamper-evident.
Access Controls
Role-based access management (RBAC). Multi-factor authentication enforced. Audit logs for every access event.
EU data sovereignty
EU-hosted by default across both clouds: AWS in Ireland (eu-west-1) and Frankfurt (eu-central-1), Google Cloud in Belgium (europe-west1). VPC isolation. Dedicated-region options on Enterprise plans.
No PII in Session Metadata
Session metadata contains model ID, timestamp, cost, and policy result. No prompt content. No response content. No user data. Sessions auto-expire per your retention tier.
Data retention by tier
Tier-based and configurable, up to seven years for regulated-clinical retention. Custom on Enterprise. Applies to session metadata and signed receipt chains alike, and receipts remain offline-verifiable for the full retention window.
Incident Response
72-hour breach notification per GDPR Article 33. Documented incident response plan. Security contact: security@aqta.ai
Security Posture
We treat AqtaCore as a security-critical product because regulated buyers do. The current state of the security posture is documented here and refreshed at least quarterly.
Open attestation specification
The receipt format, two reference verifiers, and 14 conformance test vectors are public on github.com/Aqta-ai/attestation-spec under permissive licences. Customers can verify any receipt offline.
Per-receipt live chain
Every receipt records a SHA-256 chain hash that commits to the previous receipt for its org. Tampering with any historical row produces a hash mismatch on every later row. Authenticated callers verify their entire chain via the compliance API.
Groth16 zero-knowledge verifier available
Pairing-based zero-knowledge verifier exposed on the public API. A precomputed demo proof is verifiable end to end. Prover access is offered as a sidecar service for Enterprise tier; circuit details are shared with early-access customers under NDA.
Cross-org threat intelligence with privacy proofs
Early-access orgs see anonymised threat-pattern signals contributed by other participants, never the identities of those orgs. Contributor counts are privacy-bucketed; raw figures are gated behind cryptographic commitments with differential privacy. Mechanism details are available to early-access customers under NDA. General availability is rolled out progressively over the course of the early-access programme.
Post-quantum migration documented
Not post-quantum secure today. The SHA-256 chain hash is quantum-resilient; signature primitives (Ed25519, Schnorr, Groth16) need migration. ATTESTATION-v2 target: hybrid signing with ML-DSA-65 (NIST FIPS 204) plus Ed25519. Full read at /post-quantum.
DPA available on request
GDPR Article 28 Data Processing Agreement available for early-access customers and Enterprise contracts. Email legal@aqta.ai with your legal entity.
Dependency hygiene
All third-party Python and Node dependencies are pinned. npm audit and pip-audit run on every CI build. SBOM available on request.
Reviewed quarterly
A penetration-testing and formal-verification path is discussed with enterprise early-access customers under NDA; specifics are scoped per engagement. Confidential security disclosures: SECURITY.md (acknowledgement within two working days).
Company Information
Aqta Technologies Limited
Registered in Ireland
Company Registration Number (CRO): 807530
Supported through Irish startup and research programmes, including an Enterprise Ireland Innovation Voucher.
Security: security@aqta.ai
General: hello@aqta.ai