Trust & Security
Lynctera is built for regulated environments. Security, data isolation, and AI governance are architectural properties of the platform — not policies added after deployment.
View Vanta Trust CenterLynctera is built for regulated environments. Security, data isolation, and AI governance are architectural properties of the platform — not policies added after deployment.
View Vanta Trust CenterWe invest in certifications that matter to regulated procurement teams. Request our SOC 2 report and review our policies via the Vanta trust center.
Independently audited. Report available on request via our trust center.
AI management system certification programme in progress.
Data processing agreements, consent management, and data subject rights built into the platform.
Your data never shares infrastructure with another organisation. Isolation is physical, not logical.
Every customer gets a dedicated Azure SQL database. No shared tables, no row-level filtering, no risk of cross-tenant data exposure.
Tenant credentials, API keys, and certificates are stored in Azure Key Vault with per-tenant scoping. Accessed via managed identity only.
Knowledge base content is indexed per tenant. No shared search infrastructure between organisations.
Infrastructure hosted on Microsoft Azure in UK and EU regions. Data does not leave the specified residency boundary.
AI governance is enforced by the platform architecture, not by policy documents. These controls cannot be bypassed.
Every AI action is logged automatically: model used, tokens consumed, cost, duration, and output. LLM decisions and tool operations are tracked on separate audit surfaces.
Deterministic rules evaluate first. AI is invoked only when synthesis or judgement is required. This reduces cost, risk, and unnecessary model calls.
Workflows pause at defined gates until a human approves. AI cannot publish, act, or proceed past a gate without explicit human authorisation.
The framework blocks AI calls with incomplete context. If required information is missing, the call is rejected before it reaches the model.
Agent prompts, models, and parameters are version-controlled with temporal history. Any AI behaviour can be reconstructed at any point in time.
AI configuration is continuously monitored across tenants and environments. Deviations from the governed baseline are detected and reported automatically.
Enterprise-grade infrastructure on Microsoft Azure with zero standing access to customer data.
All services run on Microsoft Azure. Compute, storage, AI services, and networking are managed within Azure's compliance boundary.
No hardcoded credentials. All service-to-service authentication uses Azure Managed Identity. Secrets are retrieved from Key Vault at runtime.
All AI model calls route through Azure OpenAI. No data is sent to third-party AI providers. Enterprise data processing agreements apply.
Public-facing services are protected by Azure Front Door with Web Application Firewall. Backend services have network-level access restrictions.
Visit our Vanta trust center to request the SOC 2 report, review our security policies, or ask a security question.