Security & Compliance
Delphi is built for organizations handling sensitive strategic decisions. Your data stays isolated, encrypted, and in-region.
Compliance
SOC 2 Type II
Built to SOC 2 standards. Certification in progress.
ISO 27001
Aligned to ISO 27001 controls. Certification in progress.
PDPL
UAE Personal Data Protection Law compliant
Data Residency
All data is processed and stored in the GCC. No cross-border transfers.
Tenant Isolation
Every organization runs in a dedicated environment. Your data never touches another client's.
No Model Training
Your data is never used to train or fine-tune AI models.
Encryption
AES-256 at rest, TLS 1.3 in transit.
Access Control
SSO via SAML/OIDC, SCIM provisioning, role-based permissions, audit logging.
Penetration Testing
Annual third-party security assessments.
Subprocessors
Third-party services that process data on our behalf.
| Provider | Purpose |
|---|---|
| Amazon Web Services (Bedrock) | AI model infrastructure (Anthropic Claude) |
| Sevalla | Application hosting |
| Railway | Infrastructure services |
| PlanetScale | Database |
| Vercel | Frontend hosting |
| WorkOS | Authentication & SSO |
Security reviews
We're happy to complete your security questionnaire or walk through our architecture with your team.