// TRUST & COMPLIANCE

Trust isn't a section.
It's the architecture.

Most AI vendors retrofit compliance after the fact. We started with sovereignty, privacy, and auditability as architectural constraints — and built every product layer to satisfy them.

Sovereign-by-default: Yes
On-prem deploy: All
Audit trail: Full
PII redaction: Native

Built into every layer. Not bolted on.

PILLAR / 01

Sovereignty by default

Every product ships on-prem, edge, or sovereign cloud. No data leaves your infrastructure unless you explicitly send it. Air-gapped deployment is fully supported.

PILLAR / 02

Privacy by design

PII detection and redaction at ingest. Differential privacy on training data. Customer data is never used to train shared models without explicit, written consent.

PILLAR / 03

Auditable AI

HaluMon-governed responses include full reasoning traces, source citations, and confidence scores. Every output is auditable end-to-end.

PILLAR / 04

Hardware-rooted security

TEE-compatible deployment. Encrypted weights at rest. Secure boot for Krsna SoC. Defence-grade air-gap operation supported.

// CERTIFICATIONS & FRAMEWORKS

Aligned, working, audited.

SOC 2 Type II: In progress. Targeted certification: H2 2026

ISO 27001: In progress. Information security management

HIPAA: On-prem ready. Customer-deployed, customer-attested

GDPR: Aligned. Data minimization, right to deletion

RBI / IRDAI: Aligned. Indian financial regulator compliance

DPDP Act 2023: Compliant. Indian Digital Personal Data Protection Act

Your data, your control.

We collect only what is needed to operate the services you've requested. Customer data submitted to on-prem deployments never reaches SandLogic systems — full stop.

For cloud-hosted offerings, we collect the minimum metadata needed for billing and operations. We do not sell, rent, or share your data with third parties for marketing.

Right to access, delete, and port your data is honored within statutory windows under DPDP Act 2023, GDPR, and equivalent regional laws.

Engineered for fairness.

Use of SandLogic products is governed by individual master service agreements (for enterprise) and standard terms of service (for self-serve). Open-weight Lexicons are governed by their respective open-source licenses.

Service-level commitments, support SLAs, and uptime guarantees are tier-specific and documented in customer contracts.

Full legal documentation is available on request — or directly bundled with your enterprise agreement.

// LET'S BUILD

Compliance team has questions? We have answers.