Trust Center
Learn about Qpher's security architecture, compliance posture, data handling, and incident response.
Security
Non-exportable keys, AES-256-GCM encryption at rest, application-level tenant isolation, and a zero trust policy engine that fails closed by default.
Compliance
NIST FIPS 203/204 standardized algorithms, SOC 2 Type II audit on the roadmap, and designed-for-compliance approaches to GDPR and CCPA.
Data Handling
Clear data residency, retention, and deletion policies. Private key material is securely overwritten on deletion. Backup and recovery practices documented.
Incident Response
Documented incident response process with 72-hour breach notification per GDPR Article 33. Real-time status page at status.qpher.ai.