ReguShield AI · Trust Center

Trust, security & governance

ReguShield AI is European Compliance Intelligence Infrastructure for regulated organisations. This Trust Center sets out how we secure data, respect privacy, govern AI and meet our legal and regulatory commitments. Platform status: Operational.

Protection

Security

Technical and organisational measures protecting customer data across the platform.

Encryption

Implemented

TLS 1.3 in transit, AES-256 at rest.

Tenant isolation

Implemented

Row-level security scopes every workspace to its owner.

Access control

Implemented

Supabase Auth with per-tenant role-based access control.

Immutable audit

Implemented

Append-only audit trails for compliance and acceptance events.

Secrets management

Implemented

Server-side secrets only; never shipped to the client bundle.

External penetration test

Roadmap

Independent assessment targeted for Q3 2026.

Full detail: Security Statement → · Identity & Access → · Assurance & ISMS →

Data protection

Privacy

How personal data is processed under the GDPR, including our controller/processor model and sub-processors.

EU data residency

Implemented

Customer data is stored in the EU region.

Controller / processor model

Implemented

We act as processor for workspace data on documented customer instructions.

Data subject rights

Implemented

Access, rectification, erasure, portability and objection supported.

Data Processing Agreement

Implemented

GDPR Article 28 DPA available to enterprise customers.

Sub-processors

Sub-processor | Purpose | Location
Supabase | Managed PostgreSQL database & authentication | EU
Vercel | Application hosting & edge delivery | EU / Global edge
Resend | Transactional email delivery | EU / US
OpenAI | AI reasoning for compliance decision-support | US

Full detail: Privacy Policy → · Data Processing Agreement →

Regulatory

Compliance

Our readiness posture against the European regulatory frameworks our customers operate under. These are posture statements, not product gating rules.

GDPR

Implemented

Controller/processor model, DPA, data-subject rights.

DORA

Planned

ICT risk posture and incident readiness.

AMLA 2027

Planned

Supervisory readiness assessment in product.

AMLR

Planned

Unified CDD and reporting support.

MiCA

Planned

CASP authorisation and Travel Rule support.

EU AI Act

Planned

Explainability, human oversight, FRIA scaffolding.

NIS2

Roadmap

Network & information security alignment.

eIDAS 2

Roadmap

Future qualified e-signature integration.

ISO 27001

Roadmap

ISMS roadmap, gap assessment Q2 2026.

ISO 27701

Roadmap

Privacy information management extension.

SOC 2

Roadmap

Type I scoping targeted Q4 2026.

Live, source-cited regulatory intelligence: Regulatory Intelligence Center →

Responsible AI

AI Governance

ReguShield AI provides compliance decision-support — not legal advice. Our AI governance posture is aligned with the EU AI Act.

Explainability

Implemented

Deterministic reasoning with regulatory citations and confidence scoring.

Human oversight

Implemented

Outputs are decision-support inputs; a qualified person reviews before action.

Risk classification

Planned

AI features classified and documented under the EU AI Act.

Bias review & FRIA

Planned

Periodic bias review and Fundamental Rights Impact Assessment scaffolding.

AI Usage Policy · AI Governance Policy

Live posture

Trust Status

Last reviewed 2026-06-28.

EU data residency

Implemented

PostgreSQL hosted in the EU region.

Encryption in transit & at rest

Implemented

TLS 1.3 in transit, AES-256 at rest.

Tenant isolation

Implemented

Row-level security scoped per workspace.

Immutable audit trails

Implemented

Append-only compliance + acceptance audit.

Role-based access control

Implemented

Per-tenant roles and permissions.

External penetration test

Roadmap

Targeted for Q3 2026.

Disclosure

Security Contact

Report a security concern or vulnerability. We operate coordinated disclosure.

Email security@regushield.ai (or hello@regushield.ai).

Coordinated disclosure — acknowledge within 72 hours.

Evaluating ReguShield AI for your organisation?

Review the procurement & vendor package, or start enterprise registration.

Procurement Center → · Enterprise Registration →

ReguShield AI is operated by ReguShield UAB, a private limited liability company incorporated in the Republic of Lithuania (EU). Status labels: Implemented (live today) · Planned (in progress) · Roadmap (intended, not yet in place).
ReguShield AI provides compliance decision-support intelligence — not legal advice or a regulatory determination.