Trust & Infrastructure

Security, Residency, and Ownership.

This page documents our security certifications, data residency options, deployment models, and what it means to own your intelligence layer.

Security Certifications

SOC 2
Type I Verified
HIPAA
Compliant
BAA
Available
AES-256
Encryption
Encryption at rest
AES-256 via AWS KMS
Customer-managed keys available on Enterprise plans
Encryption in transit
TLS 1.3
Penetration testing
Annual third-party assessment
Reports available under NDA
Access control
Role-based with MFA enforcement
Quarterly access reviews
View full security controls

Data Residency

Your data stays in the region you choose. We do not replicate customer data across regions without explicit consent.

Available regions
US (N. Virginia, Oregon), EU (Frankfurt, Ireland)
Additional regions available on request
Data isolation
Logical tenant isolation with dedicated encryption keys
Cross-border transfers
None by default
Required transfers use Standard Contractual Clauses
GDPR compliance
Data processing agreements available

Deployment Options

Choose the deployment model that fits your security and operational requirements.

Multi-tenant Cloud

Shared infrastructure with logical isolation. Fastest to deploy, lowest operational overhead.

  • SOC 2 / HIPAA compliant
  • Automatic updates
  • 99.9% uptime SLA
  • Standard data residency options

Dedicated Cloud

Single-tenant infrastructure in our cloud. Your own compute and storage, managed by us.

  • Dedicated VPC
  • Customer-managed encryption keys
  • Custom data residency
  • Network isolation

On-Premise / VPC

Deploy in your infrastructure. Full control over data, network, and access.

  • Your cloud or data center
  • Air-gapped option available
  • Integrate with existing IAM
  • You control all data flows

Intelligence Ownership

The knowledge graphs, ontologies, and semantic relationships you build in CogniSwitch belong to you. Here's what that means technically.

Export format
W3C RDF triples (Turtle, JSON-LD, N-Triples)
Open standard, works with any RDF-compatible system
What's included
Entities, relationships, conflict resolutions, provenance metadata
Export frequency
On-demand or scheduled
API access for programmatic exports
Vendor lock-in
None
Your ontologies work in Stardog, Neo4j, Amazon Neptune, or any RDF store
The distinction

You can export your raw documents from any platform. The question is whether you can export the intelligence you've built — the semantic relationships, the resolved conflicts, the institutional knowledge. With CogniSwitch, you can.

Learn more about intelligence ownership

Data Handling

What we do and don't do with your data.

We do
  • Process your documents to build knowledge graphs
  • Store your data in your chosen region
  • Encrypt everything at rest and in transit
  • Provide complete data export on request
  • Delete your data within 30 days of contract termination
We don't
  • ×Train models on your data
  • ×Share data between customers
  • ×Replicate data outside your chosen region
  • ×Access your data without explicit authorization
  • ×Retain data after contract termination

Request Trust Packet

Includes SOC 2 Type I report, completed security questionnaire (SIG, CAIQ), architecture documentation, and data processing agreement.

Request PacketSecurity Controls