Sovereign architecture
& governance

Diligio is engineered from the ground up to protect highly sensitive institutional proposals, asset registries, and corporate knowledge portfolios. Explore our core technical defence baselines and upcoming validation timelines.

Cloud infrastructure footprint

Diligio runs on Amazon Web Services in EU data centres (Paris, eu-west-3) and is delivered globally via CloudFront. Data is backed up automatically, with disaster-recovery procedures in place.

Storage engine: AWS S3 secure

Data isolation: RLS guarded

Active core security fabric

The technical safeguards defending your environment right now.

Your data never trains AI models

Your content is strictly confidential. Documents and text are sent to our AI providers only to draft and verify answers at request time, under paid API terms, and are never used to train foundational models.

Advanced cryptographic standards

All records, parsed assets and files are encrypted at rest with AES-256. Data in transit between your browser and our endpoints is encrypted with TLS 1.2 or higher.

Per-tenant data isolation

Each organisation's data is isolated at the database layer using PostgreSQL Row-Level Security, so users can only access data belonging to their own organisation.

Enterprise single sign-on

Connect your identity provider over SAML 2.0 or OIDC. Staff are provisioned just-in-time into your workspace on first login, scoped to your DNS-verified domain, and SSO can be enforced so they authenticate only through your IdP.

Compliance documentation portfolio

SOC 2 Type II report

Planned

Comprehensive audit mapping across security, availability, and non-disclosure trust service criteria.

// Operational audit tracking parameters defined.

ISO/IEC 27001 certification