The questions we get in the first call.

If yours isn’t here, write it and we’ll answer in plain language — with a citation, not a sales bullet.

— 01

If the customer holds the signing key, the chain of custody is meaningless. Whose key signs the log?

Ours, in an HSM behind attested hardware (AWS Nitro Enclaves or GCP Confidential VM), under our SOC 2 attestation. The agent runtime never sees the key. The customer can re-verify offline against the public anchor, but they cannot rewrite history. That separation is the entire point.

— 02

What if the EU AI Act gets pushed again?

It already was. The May 2026 Digital Omnibus moved standalone high-risk obligations to 2 December 2027 and embedded high-risk to 2 August 2028 — and crucially, made them fixed calendar dates rather than standards-conditional ones. A CCO can no longer wait for harmonized standards as cover for delay. We’ve updated the page and the framework pack to match. In any case: DORA has been live since 17 January 2025, the April 2026 interagency MRM principles are in effect, GDPR Article 22 is eight years old, and SOX is older than most of the agents you’re shipping. We’re not betting the company on the AI Act calendar — and you shouldn’t buy us based on it alone.

— 03

Why not just run Langfuse self-hosted with longer retention?

Self-hosting solves residency. It does not solve mutability, control mapping, or completeness proofs. A regulator asking under Article 12 wants to know that the log is intact since recording, not since you last redeployed. You can build a hash chain on top of Langfuse. Several customers have. They are usually the ones who come to us next.

— 04

What happens when Datadog ships a “Compliance Pack” SKU?

Probably within twelve to twenty-four months. Their bill scales with span volume; auditors hate that, and Datadog’s brand sits in Engineering, not in Risk or Internal Audit. Our moat is the data model, the cryptographic chain, and the audit-firm partnerships we’re building now. Where Datadog is genuinely better, we’ll integrate.

— 05

Do you see our customers’ PII?

No. The SDK does deterministic tokenisation at the customer boundary using a re-identification key the customer holds. We see hashed tokens. The PII never leaves their cloud. Auditors can still reconstruct decisions because the customer can re-identify on demand.

— 06

How is it deployed?

Multi-tenant SaaS in your region (EU, UK, US) by default. Single-tenant at the $150K+ ACV tier. BYO-cloud deployment for the largest customers — we operate the signing infrastructure in your account, and you cannot touch the keys.

— 07

How do you handle agent frameworks beyond LangGraph?

LangGraph and the OpenAI Agents SDK are first-class today. Anything emitting OpenTelemetry GenAI semantic conventions works through the OTel ingestion path — that covers most enterprise agent stacks. Mastra and the Vercel AI SDK are on the roadmap.

— 08

What about real-time enforcement — can Runfile block a bad output?

No. Runfile records; it does not gate. Real-time guardrails are a different product category with strong incumbents (Lakera, Galileo, Prompt Security). If you want both, we integrate cleanly — their refusal events show up in the Runfile chain as first-class evidence of effective oversight.

— 09

What does it cost?

Starter: $1,500/month, 100K executions, 30-day hot retention, one framework pack. Growth: $5,000/month, 1M executions, 90 days, three frameworks, EU residency. Enterprise: $50K–$250K/year, unlimited executions, 7-year retention, every framework pack, SSO, BYO-key, on-prem. Design partners are discounted.

— 10

What certifications do you carry?

SOC 2 Type I shipped at month four; Type II observation period underway. ISO 27001 by month fifteen. ISO/IEC 42001 in parallel. HIPAA BAA-capable from day one. EU and US data residency live. UK in month six. FedRAMP is on the long-range roadmap, not yet.

— 11

What about export — can we leave?

Yes. The event protocol is public. The export format is signed, deterministic, and re-verifiable offline. A seven-year audit retention shouldn’t be a seven-year lock-in, and we’ve built it that way.
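The hash-chain answer (03) and the offline re-verification claim above rest on the same check, shown here as an added example that is not Runfile's code or export format: recompute the chain and compare it with an anchor held outside the log writer's control. The record layout, the `anchor` fields (`count`, `head`) and the sample events are assumptions, and verifying the anchor's own signature is left out.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed starting value for the chain

def canonical(event):
    # Deterministic serialisation so the same event always hashes the same.
    return json.dumps(event, sort_keys=True, separators=(",", ":")).encode()

def link(prev_hash, seq, event):
    # Each record commits to its predecessor, its position and its content.
    h = hashlib.sha256()
    h.update(bytes.fromhex(prev_hash))
    h.update(seq.to_bytes(8, "big"))
    h.update(canonical(event))
    return h.hexdigest()

def append(log, event):
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"seq": len(log), "event": event,
                "hash": link(prev, len(log), event)})

def verify(log, anchor):
    """Recompute the chain offline and compare it with an anchor the log
    holder does not control. Returns (ok, reason)."""
    prev = GENESIS
    for i, rec in enumerate(log):
        if rec["seq"] != i:
            return False, f"sequence gap at position {i}"
        if link(prev, i, rec["event"]) != rec["hash"]:
            return False, f"record {i} altered"
        prev = rec["hash"]
    if len(log) != anchor["count"]:
        return False, "record count differs from anchor"
    if prev != anchor["head"]:
        return False, "head hash differs from anchor"
    return True, "intact"

def sample_log():
    # Constructed sample events, not real agent output.
    events = [
        {"run": "r-1", "step": "retrieve", "decision": None},
        {"run": "r-1", "step": "score", "decision": "decline"},
        {"run": "r-1", "step": "notify", "decision": None},
    ]
    log = []
    for ev in events:
        append(log, ev)
    return log
```

A log rewritten end to end with freshly computed hashes passes every internal check and fails only on the anchor comparison, which is why the anchor has to be produced by a party other than the one storing the log.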

— 12

Who is behind this?

Founder is ex-JPM and ex-Northern Trust with a UK Ltd presence in London. Fractional Head of GRC on board; first AE after the first paid customer. We’re working with a small, named set of design partners across US, UK and EU regulated finance. Happy to share references on the call.

§ Next step

Still have a question?

Write it. We’ll answer with a citation, in plain language, on the call.