Security

Our Security Commitment

Organizations deploying Reality Fidelity are operating in high-stakes environments where security failures can have serious consequences. We build our infrastructure with this reality in mind.

Security isn't an afterthought—it's foundational to our architecture and operations.

Security Certifications & Compliance

We maintain rigorous security certifications and undergo regular third-party audits to validate our security posture.

Data Handling

Data Residency

We offer data residency options to meet regulatory requirements:

• United States (default)
• European Union (GDPR compliance)
• Custom regions available for enterprise customers

Data Retention

Configurable data retention policies with secure deletion procedures. Audit logs retained per compliance requirements.

Data Processing

We process only the data necessary for Reality Fidelity operations. Customer AI model data remains in customer environments—we verify completeness, not content.

Enterprise Security Features

• Single Sign-On (SSO) — SAML 2.0 and OIDC integration with major identity providers
• Private Deployment — On-premises and private cloud deployment options
• Custom Security Controls — Configurable security policies to meet organizational requirements
• Security Reviews — Dedicated security reviews and architecture assessments
• SLA Commitments — Enterprise SLAs with uptime and security incident response guarantees

Responsible Disclosure

We welcome security researchers to report vulnerabilities through our responsible disclosure program.

Report security issues to: security@onticlabs.com

PGP key available at: /.well-known/security.txt

Security Documentation

Enterprise customers receive access to:

• SOC 2 Type II report
• Penetration test executive summary
• Security architecture documentation
• Data processing agreements (DPA)
• Business associate agreements (BAA) for HIPAA