Trust Center | TapPass

Compliance

GDPR

PII detected and redacted before LLM forwarding
Art. 17 erasure via cryptographic tombstones
Art. 30 records of processing
Art. 33 breach notification process
Data minimization: only metadata retained

EU AI Act

Art. 9 Risk management via scanning pipeline
Art. 12 Record-keeping via hash-chained audit
Art. 13 Transparency via classification
Art. 14 Human oversight via approval gates

SOC 2

In preparation. Controls implemented:

Access control (RBAC, SSO)
Encryption in transit and at rest
Tamper-evident audit logging
Vulnerability scanning in CI

Security

Encryption

In transit: TLS 1.2+ on all connections. Internal services use mTLS.

At rest: Credential vault AES-256-GCM. Audit integrity SHA-256 hash chain.

Authentication

Per-agent API keys (hashed at rest)
Ed25519-signed capability tokens
SAML 2.0 / SSO (Okta, Azure AD, Google)
mTLS for machine-to-machine

Governance pipeline

Every LLM call passes through a multi-step pipeline: PII detection, prompt injection scanning, secret detection, exfiltration prevention, output scanning, and human approval gates.

Vulnerability management

SAST and SCA scanning in CI
Secret scanning in CI
Container scanning on every release
Signed images with SBOM

Data handling

Self-hosted

Deploy in your infrastructure. Your data never leaves your network. We have no access to your instance.

Managed (EU)

Hosted in the EU. Request content processed in memory, not persisted. Audit metadata stored in EU.

Data	Stored	Details
Request/response content	No	Processed in memory. Forwarded to LLM. Not persisted.
Audit metadata	Yes	Timestamp, agent ID, classification, cost. Hash-chained.
Credentials	Yes	AES-256-GCM encrypted. API keys stored as hashes.
Configuration	Yes	Pipeline settings and policies. No PII.

Infrastructure

Architecture

Stateless API gateway with policy engine sidecar. All decisions computed per-request, no shared state between replicas. Horizontal scaling.

Isolation

Every customer is a separate organization. All queries, audit entries, credentials, and policies scoped by org_id. No cross-org API access.

Failover behavior

TapPass unreachable

SDK retries with backoff. Agents fail closed by default.

Retry

Policy engine down

All requests blocked until recovery.

Fail closed

LLM provider down

Auto-fallback to configured backup provider.

Fallback

Database unavailable

Audit writes locally. Pipeline continues. Syncs on recovery.

Local fallback

Sub-processors

Managed service only. Self-hosted deployments have no sub-processor dependencies.

Name	Role	Location
Supabase	Database and auth	EU (Frankfurt)
GitHub	Source code and CI/CD	US (source code only)
Cloudflare	CDN and DDoS	Global (TLS termination only)

LLM providers (OpenAI, Anthropic, Azure) are your sub-processors, not ours. TapPass proxies requests using your API keys.

Security testing

Automated

Unit, integration, and security test suites. SAST, SCA, secret, and container scanning in CI on every commit.

Red team

Internal red team testing across all detection categories including adversarial prompt injection and exfiltration attempts.

Penetration test

Scheduled. Report available under NDA upon completion.

Incident response

Detection

Automated via governance pipeline. PII exposure, injection attempts, and secret leaks create tracked issues with auto-escalation.

Notification

Configurable per severity: webhook, Slack, email, SIEM. Breach notification within 72 hours per GDPR Art. 33.

Report vulnerabilities to security@tappass.ai. Acknowledged within 24 hours.

Documents

Data Processing AgreementGDPR Art. 28 Request Security whitepaperArchitecture, encryption, pipeline Request Penetration test reportUnder NDA Request Sub-processor listCurrent third-party processors Request

Support

Tier	Response	Channels	Hours
Community	Best effort	GitHub Issues	Business hours CET
Professional	4h P1, 1 day P2	Email, Slack	Business hours CET
Enterprise	1h P1	Dedicated Slack	24/7 for P1