Security & Compliance

Your data is yours. Architecturally.

Security isn't a feature — it's the foundation. Every claim is verifiable. Every protection is enforced at the engine level.

Start secure — hatch your AI Read our privacy policy →

Built secure

Six architectural guarantees.

AES-256-GCM Encryption

Military-grade encryption for all data at rest and in transit. Every byte of your memory vault is encrypted with keys unique to your account.

Isolated Tenant Architecture

Your vault lives in its own isolated namespace. Row-level security enforced at the database engine level — even MEOK engineers cannot query across vaults.

Zero-Trust Access Model

No backdoor access. No internal admin overrides. All access logged, audited, and cryptographically verified.

Cryptographic Deletion

When you delete your account, we destroy the encryption key — making all your data permanently and verifiably unrecoverable.

UK-Based Infrastructure

All data stored in UK data centres. Fully compliant with UK GDPR, Data Protection Act 2018, and ICO requirements.

Consent-First Design

No data collection without informed consent. No third-party training without explicit opt-in. Every data handling claim is verifiable.

Compliance status

Certifications & registrations.

🇬🇧

UK GDPR

Compliant

✓

ICO Registered

Verified

🔄

SOC 2 Type II

In Progress

🔄

ISO 27001

In Progress

🛡️

COPPA

Compliant

👶

Children's Code

Compliant

What we do to keep you safe.

End-to-end encryption (AES-256-GCM)

Unique encryption key per user account

Row-level security at database engine

Complete audit trail for all data access

Automated vulnerability scanning

Annual third-party penetration testing

Incident response plan (NIST framework)

Staff security training & vetting

UK data centre residency

24/7 infrastructure monitoring

Ready to go secure?

Start free. Your vault is encrypted from day one.

Hatch your secure AI — free