Does Guardian require raw personal data?

Guardian is designed around metrics, monitoring signals, incident records, and documentation metadata rather than unnecessary raw personal data.

How is access controlled?

Guardian is designed to support role-based access so compliance, legal, risk, and AI teams can work from the same operating record with appropriate visibility.

Is Guardian intended for EU-regulated environments?

Yes. Guardian is designed for organisations operating in EU regulatory contexts, especially where high-risk AI systems require stronger monitoring, documentation, and review practices.

Does Guardian replace existing security controls?

No. Guardian is intended to support the monitoring and evidence layer around high-risk AI systems, not replace an organisation’s broader security programme.

Security · data boundaries · production

Security for Guardian's governance and evidence record

Guardian ingests monitoring signals, incident metadata, and review artefacts to build a traceable operating record—it is not a second data lake for raw personal data, and it does not replace your cloud security baseline or SOC programme.

DPA, subprocessors, and the published security policy remain the contractual source of truth; this page explains how we think about boundaries in product terms.

ProductFor AIMethodologyReadiness SprintSecurity policy (PDF)

Book a pilot discussion See the 4-week readiness sprint

AI incident registerSecurity contact

How Guardian approaches security

The product is built for teams that must keep an evidence-grade record next to production AI without widening the sensitive-data surface area. For how we name monitoring, incidents, and boundaries in software terms, see For AI.

Operationally that means metrics and signals, incident and oversight metadata, and documentation context—not bulk raw personal data routed through Guardian by design.

What this means in practice

Hosting and processing aimed at EU-regulated deployments—current regions and subprocessors are listed in the security policy and DPA.

Role-based access to monitoring, incident, and evidence records

Operational focus on metrics, signals, and documentation rather than unnecessary raw data

Structured audit trails around follow-up, review, and oversight actions

Controlled visibility across compliance, legal, risk, and AI teams

What becomes easier with the right security model

Sharing governance records with the right stakeholders without oversharing

Maintaining operational evidence in a more controlled environment

Supporting audit and regulator review with clearer access boundaries

Reducing the need to move sensitive information across scattered tools and documents

Designed for regulated environments

Metrics-oriented architecture

Guardian is designed to operate on compliance metrics and records rather than unnecessary raw personal data.

EU-region processing

We target EU-region processing and storage where our providers support it; confirm current regions, subprocessors, and contractual commitments in the security policy and DPA—not on this marketing page alone.

Access controls

MFA, RBAC, and tenant-scoped access with least-privilege defaults for product roles—details and exceptions live in the security policy.

Operations for review

Incident response process, logged administrative actions, and exports intended to support internal and external review—effectiveness depends on your configuration and use.

Controls and roadmap

Available today

EU-region processing where contractually configured (regions in policy/DPA)
Metrics-oriented platform design
MFA and RBAC
Encryption in transit and at rest (as described in policy)
Incident response process
Published security policy and responsible disclosure

Planned / roadmap

Enterprise SSO (SAML / OIDC) — planned
SOC 2 Type II — programme in flight, not an attestation claim
ISO 27001 — programme in flight, not a certification claim

Roadmap lines describe intent and workstreams, not completed certifications. We separate them from “available today” items to stay precise—ask for the security pack if you need evidence under NDA.

How data is handled

These cards describe categories of data and metadata that typically cross from your monitoring, incident, and review workflows into Guardian—not a catalogue of every security control in your estate.

What we process

Compliance metrics, model metadata, alerts, incidents, and audit outputs.

What we avoid

Clients should avoid submitting raw personal data through the platform or API.

Retention

Platform retention windows are defined by product and contractual settings. Where AI explanation features are enabled, prompt and output retention may be shorter than standard platform retention.

Security FAQ

Does Guardian require raw personal data?: Guardian is designed around metrics, monitoring signals, incident records, and documentation metadata rather than unnecessary raw personal data.
How is access controlled?: Guardian is designed to support role-based access so compliance, legal, risk, and AI teams can work from the same operating record with appropriate visibility.
Is Guardian intended for EU-regulated environments?: Yes. Guardian is designed for organisations operating in EU regulatory contexts, especially where high-risk AI systems require stronger monitoring, documentation, and review practices.
Does Guardian replace existing security controls?: No. Guardian is intended to support the monitoring and evidence layer around high-risk AI systems, not replace an organisation’s broader security programme.

Need security documentation?

Security policy, security questionnaire responses, and subprocessor information are available for customers and qualified prospects.

Download security policy View subprocessors Contact security team

Procurement questions? Book a pilot discussion