TTrust center
The platform we trust to run our own incidents.
AirTee.ai runs its own resilience programme inside AirTee.ai. Here's the posture, the sub-processors, and the documents you need for procurement.
01Certifications & alignment
Where we stand today.
01
UK & EU GDPR
Compliant. DPA available on request — see contact below.
02
HIPAA-aligned
Controls aligned with HIPAA Security Rule for healthcare deployments.
03
SOC 2 Type I
In progress. Type II audit window opens Q2.
04
ISO 27001
Implementation underway; certification target end of next FY.
05
DORA / NIS2
Platform supports customer compliance and is itself in-scope as a critical ICT provider.
06
Single tenant
Available for regulated customers; UK/EU/US residency.
02Practices
Engineering controls, in plain English.
- ▍Encryption in transit (TLS 1.3) and at rest (AES-256).
- ▍SSO via SAML and OIDC; SCIM provisioning.
- ▍Role-based access; least-privilege by default.
- ▍Penetration testing quarterly by an independent third party.
- ▍Incident response runbook published — and run on AirTee.
- ▍Sub-processor list maintained at /security and updated 30 days before changes.
— next step
Need our DPA or sub-processor list?
Email security@airtee.ai or use the contact form. Most procurement requests turn around in 24 hours.