Trust Center
Your data, contractually protected
Every commitment on this page is a binding contractual obligation — signed by us, enforceable by you. Not marketing language. Not a policy that can change. Architecture and agreements designed for the standards your compliance team requires.
Data Commitment
What we contractually guarantee
Formal details are in our Data Confidentiality Agreement, available below.
Zero AI Training
Your data is never used to train, retrain, or improve AI models. Data is strictly isolated and used only to generate analysis for your account. This isn't a setting we can toggle — it's how the architecture works.
Zero Data Monetization
We will never sell, share, lease, or monetize your data. This is a contractual covenant, not a policy statement. There is no business model where your data becomes our product.
Encrypted & US-Only
All data is encrypted AES-256 at rest and TLS 1.3 in transit. Data is processed and stored exclusively in the United States on SOC 2 certified infrastructure. No exceptions.
Full Audit Trail
Every login, data access event, and configuration change is logged. Audit logs are available on request — built for your compliance team, not hidden from them.
Certified Deletion
When you leave, we don't just deactivate your account. We certify complete deletion of all data from active systems and backups within 10 business days. Written certification provided on request.
Data Portability
Your data belongs to you. Export it at any time in standard formats. No technical or contractual barriers to portability, ever.
Compliance Documents
Everything your compliance team needs
Download our compliance documents, review our compliance center, or send the package directly to your compliance team.
Data Confidentiality Agreement
Signed by us. No obligation on your part.
Vendor Due Diligence Questionnaire
Pre-filled. Common DDQ questions answered.
Compliance Center
Policies, controls & documentation.
Send to your compliance team
Open a pre-filled email with links to our trust center and compliance documents.
Send to Compliance TeamHow We Compare
entropyFA vs. consumer AI platforms
Most AI tools are built for consumers. entropyFA is built for regulated financial institutions.
| Data Practice | entropyFA | Consumer AI Platforms |
|---|---|---|
| AI model training | Never. Contractually prohibited. | Often used by default. Opt-out varies. |
| Data monetization | Contractual covenant against any form. | May share with affiliates or for ads. |
| Data residency | US-only. SOC 2 certified infrastructure. | Global. Data center location varies. |
| Encryption | AES-256 at rest. TLS 1.3 in transit. Per-family keys. | Varies. Shared infrastructure typical. |
| Data deletion | Certified deletion in 10 business days. | Retention periods vary. No certification. |
| Audit trail | Full logging. Available on request. | Limited or no access to audit logs. |
| Human oversight | Non-discretionary. Human approval required. | Autonomous by default. No approval layer. |
Security Architecture
Enterprise-grade security infrastructure
entropyFA is held to the security standards of a SOC 2 certified technology platform and the regulatory standards of a fiduciary institution.
Encryption Architecture
AES-256 encryption at rest and TLS 1.3 in transit. Per-family encryption keys ensure data isolation at the cryptographic level.
Per-Family Isolation
Every family gets its own isolated environment with dedicated access boundaries. Data is never commingled across households in queries or processing.
Access Controls
Role-based access control ensures users only see what they need. Multi-factor authentication enforced. All access logged and auditable.
Infrastructure Security
Hosted on SOC 2 certified cloud infrastructure with continuous monitoring, automated threat detection, and incident response.
Agents propose. Humans approve.
Autonomous doesn't mean unsupervised. Every significant action goes through human review before execution.
Non-Discretionary Mode
Agents analyze, recommend, and prepare — but you make the final call. Every action requires explicit human approval before execution.
Transparent Reasoning
Every recommendation comes with the complete reasoning chain, data sources consulted, and confidence level. No black boxes.
Exception Flagging
Agents identify edge cases, unusual patterns, and situations that warrant human judgment — and flag them for your review.
Compliance
Fiduciary Compliance Infrastructure
Built for Regulated FirmsFiduciary-Grade Standards
Built to meet the compliance requirements of SEC-registered investment advisors and fiduciary institutions.
Code of Ethics
Platform-enforced ethical guidelines that ensure AI agents operate within fiduciary standards.
Audit-Ready Architecture
Every decision, recommendation, and data access is logged with full reasoning trails — ready for regulatory review.
Questions about our trust architecture?
We'd love to walk you through our security infrastructure and compliance framework.
Get in Touch