Trust center
This is the consolidated trust summary for Venturi — the single page a prospective customer's security and procurement reviewer can read to get the answer to every common diligence question, with a pointer to the detailed page behind each answer. Every row here is defensible from the rest of this section.
Trust summary
| Trust question | Venturi's answer |
|---|---|
| Where does our data live? | Inside your own VPC, in your own cloud account. Customer transactional and AI-invocation data never leaves your trust boundary. → Security architecture |
| Can Venturi reach into our network? | No. The control plane is outbound-only and region-pinned; it initiates nothing inbound. Full offline mode is available. → Security architecture |
| Can Venturi change anything in our systems? | No. All integrations are read-only, with an explicit IAM Deny on writes; read-only cannot be overridden. → Security architecture |
| Can Venturi take our AI traffic down? | No. The gateway is fail-open with a hard 50 ms timeout; on any failure it forwards your request unmodified. Not configurable. Customer-traffic availability is effectively ~100%; the 99.9% serving SLO bounds attribution availability, not your traffic. → Security architecture |
| Do you read our prompts/completions? | No. Content inspection is disabled by default; Venturi processes invocation metadata only, never bodies, and stores API keys as a truncated prefix. → Data privacy & retention |
| Do you profile or score individual employees? | No. Adoption intelligence is cohort-only (minimum cohort of 5), with sub-cohort suppression; individual-level views are off by default and hard-disabled in the EU. No emotion or behavioral-state inference. → Data privacy & retention |
| How is our data isolated from other tenants? | Per-tenant database, event topics, and a dedicated KMS key per tenant; cross-tenant queries are rejected with 403 TENANT_MISMATCH and logged. → Tenant isolation |
| How is data encrypted? | AES-256 at rest with your KMS key; TLS 1.3 in transit; mTLS (SPIFFE) for internal gRPC; cert-pinned control-plane→data-plane path. → Security architecture |
| How are secrets managed? | A managed secrets store; never on disk or in pod env; database credentials rotate every 90 days; JWT signing keys are externally managed and rotated; your provider keys never reach our control plane in plaintext. → Security architecture |
| What about audit logs? | Append-only audit log to a COMPLIANCE-mode Object-Locked bucket (5-year retention), PII pseudonymized, with an immutable policy-event writer recording every policy decision, model promotion, override, and break-glass access. → Data privacy & retention |
| How long do you keep our data, and can we delete it? | Operational retention defaults to 13 months (configurable 30 days–5 years). Erasure is by crypto-shredding your per-subject/per-tenant keys, certified within 30 days, with a deletion certificate. → Data privacy & retention |
| How do you handle a right-to-erasure request? | As your processor, on your instruction: operational/attribution data is crypto-shred-erased within 30 days; audit/override stores are retained pseudonymized under a named lawful basis; anonymized aggregation contributions are non-personal and not individually reversible. → Data-subject rights |
| Are you SOC 2 certified? | SOC 2 Type I readiness/report is a target; Type II is targeted within 12 months. It is not yet held. Scope is Security + Availability + Confidentiality + Processing Integrity (Privacy added on the first EU/regulated deal). → Compliance |
| What is your GDPR role? | We are your processor; you are the controller. We commit Art. 28(3) DPA terms, RoPA, a DPIA template, a lawful-basis mapping, and Art. 28(2) subprocessor change-notification. → Compliance |
| GDPR / data residency? | Data stays in your VPC; the control plane and cross-tenant aggregation are region-pinned from day one (single region + SCCs); EU data stays in-region or under Chapter V safeguards. → Residency & subprocessors |
| EU AI Act? | We document a non-high-risk posture under Art. 6(3)(c)/(d), register under Art. 49(2) regardless, perform no emotion inference (Art. 5(1)(f)), and stay out of profiling via cohort-only adoption intelligence. → Compliance |
| DPA & subprocessors? | Minimal subprocessor surface by architecture (your cloud hosts the data plane). A formal DPA and a published, versioned subprocessor list are produced in the enterprise-readiness workstream. → Residency & subprocessors |
| Incident response & breach notification? | A documented Sev-1/2/3 plan; we notify you without undue delay (target ≤24 h of becoming aware) so you can meet your GDPR Art. 33 72-hour deadline. → Compliance |
| How is the platform threat-modelled? | A STRIDE threat model maps each threat to its control and residual risk, exercised by a standing red-team. → Security architecture |
| Can we trust the numbers for chargeback? | Operational confidence is capped at an auditable policy ceiling of 0.95 that is never raised; only c_oper ≥ 0.80 is chargeback-eligible; provisional attributions are labeled and never auto-billed; unknown is reported as unknown, never zero. → Confidence and evidence |
| What about your supply chain? | Dependency and image scanning with critical-finding remediation within 7 days; signed images and an SBOM per release; model artifacts are hash- and signature-verified at load. → Security architecture |
Control framework crosswalk
Venturi's in-architecture controls map to the principal governance frameworks. ISO/IEC 27001 (ISMS) and ISO/IEC 42001 (AIMS) certification are roadmap items; the mapping is provided now to accelerate diligence and show how the control design matures into a managed-system certification.
| Venturi control | NIST AI RMF | NIST SP 800-53 / CSF | ISO/IEC 27001 / 42001 |
|---|---|---|---|
| Fail-open + per-plane SLOs + error budget | MANAGE 2.x; MEASURE 2.x | CP-10, SC-5; CSF RC.RP | 27001 A.5.29, A.8.14; 42001 |
| Confidence cap / calibration / false-high-confidence gate | MEASURE 2.x | SA-11; RA-3 | 42001 |
| Fairness / subgroup-disaggregated evaluation | MEASURE 2.11 | — | 42001 |
| Read-only IAM deny / least privilege | MANAGE 1.x | AC-3, AC-6 | 27001 A.5.15, A.8.2 |
| Tenant isolation / cross-tenant 403 | MAP 5.x | SC-2, SC-4, SC-7 | 27001 A.8.20–A.8.23 |
| Encryption at rest/in transit, KMS lifecycle | — | SC-8, SC-12, SC-13, SC-28 | 27001 A.8.24 |
| Secrets management / rotation | — | IA-5, SC-12 | 27001 A.5.17, A.8.24 |
| Audit trail (pseudonymized, COMPLIANCE-mode lock) | GOVERN 1.x; MANAGE 4.x | AU-2, AU-9, AU-11 | 27001 A.8.15, A.5.28 |
| Retention / crypto-shred erasure / DSAR | MAP 4.x | SI-12; MP-6 | 27001 A.5.34; 42001 |
| Threat model / red-team | MEASURE 1.x; MANAGE 1.x | SA-11, SA-15, RA-3, CA-8 | 27001 A.8.8, A.8.29 |
| Supply chain / SBOM / signing | MAP 4.1 | RA-5, SR family; SSDF SP 800-218 | 27001 A.8.8, A.5.21 |
| Human oversight of model selection & disputes | GOVERN 1.x; MANAGE 3.x | — | 42001 |
| EU AI Act self-classification | GOVERN 1.x | — | 42001 |
Human oversight
A single human-oversight requirement governs which decisions require a human: production model selection is a human Venturi-leadership decision recorded with an evidence card (an automated approver is rejected), and customer disputes and overrides are human-adjudicated with an SLA. Both are recorded in the audit trail.
Reliability commitments
The serving plane carries explicit SLOs, distinct from the fail-open customer-traffic guarantee:
| Objective | Target |
|---|---|
| Customer AI-traffic availability | Effectively ~100% (guaranteed by fail-open) |
| Serving plane (query/dashboard API) availability | 99.9% |
| Recovery point / time objective | RPO ≤ 15 min / RTO ≤ 1 h |
| Index freshness | P99 ≤ 90 s |
| Reconciliation latency | ≤ 24 h |
| Breach notification to you | Target ≤ 24 h of becoming aware |
A Business Continuity Plan extends disaster recovery to key-person succession, cloud-provider or region outages, and critical-subprocessor failure, and is exercised at least annually.
Diligence artifacts & vulnerability disclosure
- Diligence packet. A security and data-processing diligence packet — covering the trust-boundary model, the control matrices, the threat model, and the lawful-basis mapping — is available to prospective customers under NDA. Contact your Venturi representative or reach the security team to request it.
- Vulnerability disclosure. Venturi publishes a coordinated Vulnerability Disclosure Program and a security.txt (RFC 9116) advertising a monitored intake, with safe-harbor for good-faith research and coordinated-disclosure terms. Report a suspected vulnerability privately through that channel.
- Status page. A public status page reports component health and active or scheduled-maintenance incidents.
Related pages
- Security architecture — the trust boundary, encryption, fail-open, and threat model.
- Tenant isolation — per-tenant stores, keys, and cross-tenant rejection.
- Data privacy & retention — what is collected, retention, and erasure.
- Data-subject rights — access, erasure, and portability.
- Residency & subprocessors — where data lives and who processes it.
- Compliance — SOC 2, GDPR, CCPA, and the EU AI Act.