Your data stays in your tenant.Every action is logged. Every model call is gated.

Is RevSprint SOC 2 compliant?

RevSprint is working towards SOC 2 Type II, ISO 27001, ISO 27017, ISO 27018, ISO 27701, HIPAA, and NHS DSPT certifications. UK GDPR and CCPA compliance is in place. The security architecture was built for certification from day one: layered deterministic code boundaries enforce tenant isolation at every layer, an immutable, cryptographically linked audit trail logs every action, and personal data is removed before any external model processes it. Annual third-party penetration testing is available on Enterprise, with full reports under NDA.

How does RevSprint handle data privacy?

Layered boundaries protect your data at every layer. Tenant isolation is enforced at the database level, making cross-tenant access structurally impossible. Role-based access controls gate what each user and the AI can see. Personal data (names, emails, phone numbers) is redacted before any content reaches an external AI model. Every action is recorded to a tamper-evident, append-only audit trail. And your admins control exactly what RevSprint can act on autonomously, per department and per action type. Data is encrypted with TLS 1.3 in transit and AES-256 at rest on dedicated cloud infrastructure.

The architectural safeguards.

1. 01

   The Deterministic Execution Boundary

   The language model physically lacks the authority to execute API calls or database commands. It is confined to classifying intent; it never acts. Every action runs through separate, deterministic, governed execution paths the model cannot reach or rewrite. Because the language model has no physical pathway to execute a command, hallucinated execution is architecturally impossible across all 11 departments.

2. 02

   Cryptographic Audit Trail

   Our dual-ledger architecture secures both autonomous AI executions and human security events by forming a continuous, mathematically linked sequence. Every human security action (access changes, policy updates) and autonomous AI state transition is cryptographically bound via a per-organisation hash chain. An automated hourly monitor verifies the chain's integrity, instantly flagging any mathematical discrepancies. This unbroken sequence is continuously mirrored to an external, WORM-compliant (Write Once, Read Many) storage vault, providing absolute, immutable proof of every system operation that remains impervious even to root-level infrastructure access.

3. 03

   Role-Appropriate Intelligence Filtering

   Our architecture structurally prevents internal data leakage and unauthorised “prompt-based” privilege escalation. While the system computes risks and insights from the full organisational picture, a strict disclosure guard intercepts every output. The AI is forced to speak at the exact hierarchical clearance of the user querying it, ensuring that staff receive intelligence and escalation guidance filtered strictly to their assigned role, preventing any user from leveraging AI to bypass internal departmental data silos.

4. 04

   The Organisational Hard Wall (Layered Tenant Isolation)

   Cross-tenant data exposure is impossible by construction. We enforce an absolute organisational hard wall using layered isolation that spans identity, request context, the payload sent to any model, the response returned, and a mandatory database-level tenant wall enforced on every single query. Furthermore, strict tenant isolation is hardcoded into all third-party integration triggers and action handlers, structurally guaranteeing that one organisation's data can never leak into another's, even during complex, automated workflows.

5. 05

   Structural Anonymisation for Network Intelligence

   Our cross-cohort intelligence model provides industry win-rates and velocity benchmarks without compromising tenant privacy. The intelligence models structurally lack tenant identity markers. Data is anonymised using cryptographic cohort hashing and requires a strict minimum density threshold per cohort (30+ organisations) before processing. The system consumes only statistical aggregates, ensuring the mathematical impossibility of re-identifying any single organisation's data within the network.

6. 06

   Input Redaction & Output Validation

   Personally identifiable information (PII) is structurally stripped before any payload reaches an external model. Upon response generation, an extraction layer mathematically verifies all numerical and entity claims against the structured database return before the user sees it. Furthermore, our 4-tier graduated autonomy enforces strict risk floors: any action categorised as high-risk or critical automatically pauses and demands explicit human approval before the system is permitted to proceed.

What infrastructure does RevSprint run on, and what is the disaster recovery posture?

Hosted on enterprise-grade cloud infrastructure with localised data residency options. We maintain a 1-hour Recovery Point Objective (RPO) and 4-hour Recovery Time Objective (RTO) supported by multi-region automated backups. Data is secured via TLS 1.3 in transit and AES-256 at rest, utilising dual-key encryption rotation for compliance-mandated key changes with zero system downtime.

Which authentication and identity management standards do you support?

Full support for SAML 2.0 with leading IdP presets (Okta, Azure AD, Google), SCIM 2.0 for automated user provisioning, and WebAuthn/FIDO2 passwordless access. Active Directory group-to-role mapping resolves automatically on both login and provisioning paths, supporting multi-value extraction and highest-precedence resolution to accurately mirror complex enterprise hierarchies.

How is internal access governed across departments?

We govern all 11 departments over a single canonical data model, eliminating fragmented silos. Human staff permissions are absolute and cascade through both the UI and AI layer, including RIBA. Strict Role-Based Access Control structurally prevents users from leveraging RIBA to access restricted financial, legal, or operational records outside their clearance. Progressive Autonomy is gated by constitutional rules per department and per action type, never configurable to bypass approval for high-stakes actions.

How are human and AI actions audited?

Uncompromising accountability for both human and machine operations. Every human security event and every autonomous RIBA action is locked into the ROI Ledger, a per-organisation cryptographically chained, tamper-evident audit trail. Continuous mirroring to the WORM vault ensures an unalterable, 7-year compliant timeline of every event across the organisation. The ledger traces each RIBA intervention to the deal it influenced, making compliance and outcome attribution one structural property.

How do you detect and respond to threats?

Deployment pipelines enforce strict pre-commit security gates and adversarial audits. At runtime, the system continuously calculates Z-score behavioural baselines for your organisation, triggering automated lockouts upon detecting sudden spikes in data access, anomalous human login patterns, or abnormal autonomous RIBA action volumes. Every detection event is logged to the ROI Ledger and routed to your security team for review.

Which regulatory frameworks is the architecture ready for?

Ready for the EU AI Act, HIPAA, NHS DSPT, GDPR, and CCPA. The architecture programmatically enforces requirements, including executing automated Article 22 consent checks prior to profiling and ensuring high-risk AI steps are hard-gated behind human judgement through Progressive Autonomy. Compliance is a structural property of the system, not a configuration layer. Constitutional rules cannot be turned off.