Enterprise-Grade Security

Security & Compliance

Decionis is built for enterprise teams that need transparent controls, auditable decisions, and a clear security roadmap.

Compliance & Certifications

SOC 2 Type II

In Progress

Control mapping and evidence collection are in progress for SOC 2 readiness.

GDPR

In Progress

Data minimization and deletion workflows are implemented; formal DPA and residency options are in progress.

ISO 27001

Planned

ISO 27001 controls are on the roadmap as part of enterprise readiness work.

Security Architecture

Enterprise security built into every layer — not bolted on after the fact.

End-to-End Encryption

Traffic is encrypted in transit. At-rest encryption depends on your cloud/database configuration.

Full Audit Trail

Decision inputs, outputs, and workflow events are stored for audit and review.

Role-Based Access Control

Org-scoped RBAC is live with OWNER, ADMIN, MEMBER, and VIEWER roles enforced across tenant APIs.

SSO/SAML Integration

OIDC and SAML tenant identity are available, including signed state, metadata import, and ACS hardening checks.

API Security

Org-scoped API keys, scoped permissions, tenant authorization checks, and optional deployment-level rate limiting are available.

Data Residency

Regional data residency options are planned for enterprise deployments.

Audit-Ready by Design

Decionis doesn't just make decisions — it documents them. Every output is auditable, defensible, and reversible.

Decision Lineage

Full provenance for every decision. See exactly what inputs drove each output.

Export & Reporting

Decision history is available via API. Custom export formats are supported during pilots.

Retention Policies

Retention and deletion requests are handled through documented operational workflows.

How We Handle Your Data

Minimal Data Collection
We only collect what's needed for decision-making. No tracking pixels, no third-party analytics on your decision data.
No AI Training on Your Data
Your decision inputs are never used to train AI models. Your data stays yours.
Right to Deletion
Request complete deletion of your data at any time. We'll remove everything within 30 days.
Subprocessor Transparency
Full list of subprocessors available. We notify you before adding new ones.

Ready for enterprise deployment?

Talk to our team about your security requirements, custom integrations, and compliance needs.

Contact Sales View Pricing

Loading…

Decionis

Verdicts, not suggestions.

Run diagnostic

Enterprise-Grade Security

Security & Compliance

Decionis is built for enterprise teams that need transparent controls, auditable decisions, and a clear security roadmap.

Compliance & Certifications

SOC 2 Type II

In Progress

Control mapping and evidence collection are in progress for SOC 2 readiness.

GDPR

In Progress

Data minimization and deletion workflows are implemented; formal DPA and residency options are in progress.

ISO 27001

Planned

ISO 27001 controls are on the roadmap as part of enterprise readiness work.

Security Architecture

Enterprise security built into every layer — not bolted on after the fact.

End-to-End Encryption

Traffic is encrypted in transit. At-rest encryption depends on your cloud/database configuration.

Full Audit Trail

Decision inputs, outputs, and workflow events are stored for audit and review.

Role-Based Access Control

Org-scoped RBAC is live with OWNER, ADMIN, MEMBER, and VIEWER roles enforced across tenant APIs.

SSO/SAML Integration

OIDC and SAML tenant identity are available, including signed state, metadata import, and ACS hardening checks.

API Security

Org-scoped API keys, scoped permissions, tenant authorization checks, and optional deployment-level rate limiting are available.

Data Residency

Regional data residency options are planned for enterprise deployments.

Audit-Ready by Design

Decionis doesn't just make decisions — it documents them. Every output is auditable, defensible, and reversible.

Decision Lineage

Full provenance for every decision. See exactly what inputs drove each output.

Export & Reporting

Decision history is available via API. Custom export formats are supported during pilots.

Retention Policies

Retention and deletion requests are handled through documented operational workflows.

How We Handle Your Data

Minimal Data Collection
We only collect what's needed for decision-making. No tracking pixels, no third-party analytics on your decision data.
No AI Training on Your Data
Your decision inputs are never used to train AI models. Your data stays yours.
Right to Deletion
Request complete deletion of your data at any time. We'll remove everything within 30 days.
Subprocessor Transparency
Full list of subprocessors available. We notify you before adding new ones.

Ready for enterprise deployment?

Talk to our team about your security requirements, custom integrations, and compliance needs.

Contact Sales View Pricing