01
Data Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Customer-managed encryption keys are available on Enterprise.
- TLS 1.3 in transit
- AES-256 at rest
- BYOK / CMEK ready
Trust & Security
Higher-Education grade by default.
DATIQAI is built for the most demanding compliance environments in higher education — FERPA-aligned data isolation, ministry-grade audit archives, and GCC + EU data-residency options. The controls we ship to ministries ship to every institution.
US-EDFERPA-alignedAICPASOC 2 Type II (in progress)ISOISO/IEC 27001EU/UKGDPR · UK-GDPRGCCPDPL · UAE / KSA / OmanNCAAANCAAA-ready archive
Security pillars
Six layers of defense, working together.
02
Access Controls
SSO, SAML, SCIM, and granular role-based access. Every action — view, query, export — is logged and attributable.
- SAML SSO + SCIM
- Granular RBAC
- Per-resource policies
03
Compliance
DATIQAI is built to meet the bar set by higher-education accreditors and GCC regulators. Continuous controls monitoring, not annual checkbox.
- FERPA-aligned
- SOC 2 Type II (target Q3 2026)
- ISO 27001
- GDPR · PDPL (UAE / KSA / Oman)
04
Data Isolation
Every workspace is a hard tenant boundary. Compute, storage, and embeddings are isolated. Single-tenant deployment is available on Enterprise.
- Per-workspace isolation
- Single-tenant option
- VPC deploy
05
Audit Logs
Every authentication, query, configuration change, and admin action is captured in tamper-evident logs and exportable to your SIEM.
- Immutable trail
- SIEM streaming
- 7-year retention
06
Incident Response
24×7 incident response with named on-call engineers. P1 acknowledgement under 30 minutes. Customer-facing post-mortems within 5 business days.
- 24×7 on-call
- Sub-30 min ack
- Public post-mortems
Residency
Where your data lives is your call.
Choose a region at workspace creation. Pin all storage, compute, and AI inference to that region — including embeddings.
UAE-Dubai
KSA-Riyadh
Oman-Muscat
EU-Ireland
EU-Frankfurt
UK-London
US-East