DE

R9 STRATEGY INTELLIGENCE

Compliance

Intelligence you can justify.

Enterprise accountability starts with traceability. Our compliance, data residency and transparency foundations — in one place, ready to cite.

EU AI Act

Article 50 transparency — by default.

EU Regulation 2024/1689 mandates AI-generated content labelling from 2 August 2026. We meet Article 50 from day one: every publication and intelligence artefact carries a machine-readable AI transparency notice and a cryptographic provenance signature. No footnote retrofit — architectural axiom.

  • Article 50 AI transparency notice — on every output by default.
  • Machine-readable — in JSON-LD, OpenGraph and HTML meta.
  • Phase-gated claims — Alpha, Beta, GA visibly distinguishable.
  • Reproducibility layer — every statement traceable (see Integrity).

GDPR & Data Residency

Data in Western Europe. No detours.

Personal data is processed under GDPR Articles 13/14 — full disclosure in our Privacy Notice. Data residency: Azure (EU) — West Europe (Netherlands) and North Europe (Sweden). No US transfer risk. No Schrems II issue. No standard-contractual-clause workaround.

  • GDPR-compliant — Articles 13/14 fully disclosed.
  • Azure (EU) — West Europe + North Europe, no US mirroring.
  • TLS 1.3 / mTLS — transport encryption mandatory, no downgrade.
  • Encryption at rest — AES-256, managed keys in Azure Key Vault.

Integrity

Every claim provable.

We publish no claims without a proof chain. The CORTEX Integrity Layer cryptographically signs every publication and triangulates statements against multiple primary sources — before they go public. Details and hash stack: Integrity page.

  • Claim triangulation — statements verified against at least two primary sources.
  • Content hash — SHA-256 per publication, publicly citable.
  • Author attestation — publications signed with reproducible build.
  • Transport seal — tamper detection on delivered artefacts.

Phase-gating

Alpha, Beta, GA — visibly distinguishable.

Every module and every publication carries a phase status. Alpha claims are exploratory, Beta validated but not final, GA production-ready. Disclaimer footer mandatory until GA. No marketing overreach on product pages.

  • Cortex Radar — Alpha → Beta Q2 2026 (Phase-1 DACH).
  • Revenue Engine / Sales Intelligence / Content Engine — Available 2026.
  • Publication claims — phase-gated per report, not blanket.
  • Claim roadmap — transparent in changelog (see Integrity).

Security Posture

Transparency over logo soup.

We don't wear trust badges we don't own. No SOC 2 certification (yet). No ISO 27001 (yet). What we have: Azure-native security, managed identity for all services, Defender monitoring, privileged access controls. What we plan: formal audits from GA.

  • Azure managed identity — no secret-leak vector in services.
  • Defender for Cloud — continuous monitoring, anomaly detection.
  • Privileged Access Management — role-based, audit-logged.
  • ISO / SOC 2 audit — roadmap from GA (2026).

Transparency over marketing

Questions on compliance details?

For audit requests, customer compliance questionnaires or data-processing agreements: direct contact. For strategic intelligence needs: Executive Briefing.

Get in touch → View Integrity