Security & Data Protection Overview | Auralis AI

Security & Data Protection Overview

We partner with you not just on outcomes, but on compliance, trust, and peace of mind.

At Auralis AI, security, privacy, and compliance are at the core of everything we do. As a trusted AI partner for enterprises handling sensitive data, we have built our infrastructure, processes, and platform to meet and exceed the highest standards for information security and regulatory compliance.

Certified & Audited: SOC 2 Type II, ISO/IEC 27001:2013, HIPAA Compliant, GDPR Compliant

Compliance Frameworks

Auralis AI is certified and independently audited across the key global security frameworks.

SOC 2 Type II

Audited for controls related to security, availability, and confidentiality, verified over a 12-month observation period by an independent third party.

ISO/IEC 27001:2013

Certified Information Security Management System (ISMS), ensuring a systematic approach to managing sensitive information and organisational risk.

HIPAA Compliant

Architected to meet HIPAA standards for safeguarding Protected Health Information (PHI), including signed Business Associate Agreements (BAAs) for applicable clients.

Data Security

Security is embedded at every layer of the Auralis platform.

Encryption

  • In Transit: All data is encrypted using TLS 1.2+.
  • At Rest: Data is encrypted using AES-256 encryption on all storage mediums.

Access Control

  • Role-based access control (RBAC) with least privilege principles.
  • Audit trails and real-time monitoring on all administrative actions.
  • SAML 2.0 / SSO support for enterprise identity management.

Infrastructure Security

  • Deployed on hardened cloud infrastructure (AWS, Azure, or GCP — customer's choice).
  • Regular vulnerability scanning and patching.
  • DDoS protection and advanced threat detection.

Data Privacy & Governance

Data Minimization

  • Auralis only processes the minimum data necessary to deliver its AI services.
  • Customers retain full control over what data is shared with Auralis AI.

No Model Training on Customer Data

  • Customer data is never used to train or fine-tune Auralis AI's foundational models.
  • No data is transmitted to OpenAI or other third parties unless explicitly permitted by the customer.

Data Retention & Deletion

  • Granular data retention policies aligned with customer requirements.
  • Secure deletion protocols upon contract termination or customer request.

Subprocessors & Global Compliance

Subprocessor Transparency

  • Major subprocessors (e.g., Azure OpenAI) are GDPR-compliant and listed in our public documentation.
  • All subprocessors are under strict Data Processing Agreements (DPAs) with contractual obligations matching our standards.

EU Data Residency Available

  • Azure OpenAI hosted in EU data centers is available for customers with strict data locality requirements.
  • Data never leaves the selected geographic region unless explicitly configured by the customer.

Operational & Incident Response

Proactive Monitoring

  • 24/7 monitoring and alerting across all systems.
  • Centralized logging with SIEM integration for threat detection and investigation.

Incident Management

  • Documented and tested incident response plan.
  • Breach notification within regulatory timeframes and full root cause analysis provided.

Frequently Asked Questions

Is Auralis AI SOC 2 certified?
Yes. Auralis AI holds a SOC 2 Type II certification, audited for controls related to security, availability, and confidentiality over a 12-month observation period by an independent auditor.

Is Auralis AI HIPAA compliant?
Yes. Auralis AI is architected to meet HIPAA standards for safeguarding Protected Health Information (PHI), including signed Business Associate Agreements (BAAs) for applicable clients.

Does Auralis AI train models on customer data?
No. Customer data is never used to train or fine-tune Auralis AI's foundational models. No data is transmitted to OpenAI or other third parties unless explicitly permitted by the customer.

What encryption standards does Auralis AI use?
All data in transit is encrypted using TLS 1.2+. All data at rest is encrypted using AES-256 encryption across all storage mediums.

Is Auralis AI GDPR compliant?
Yes. Major subprocessors, including Azure OpenAI, are GDPR-compliant and operate under strict Data Processing Agreements (DPAs). EU data residency is available for customers with strict data locality requirements.

What cloud infrastructure does Auralis AI run on?
Auralis AI is deployed on hardened cloud infrastructure across AWS, Azure, or GCP — at the customer's choice — with regular vulnerability scanning, patching, DDoS protection, and advanced threat detection.

Does Auralis AI offer EU data residency?
Yes. Azure OpenAI hosted in EU data centers is available for customers with strict data locality requirements. Data never leaves the selected geographic region unless explicitly configured by the customer.

How does Auralis AI respond to security incidents?
Auralis AI maintains a documented and tested incident response plan. Breach notifications are issued within regulatory timeframes, accompanied by a full root cause analysis. All systems are monitored 24/7 with centralized SIEM integration.