askOdin

Security & Compliance

Sovereign Infrastructure.

Your deal flow is the most sensitive data in your firm. askOdin is built from the ground up to protect it — not monetize it.

Zero Data Retention

We do not train on your data. Period.

Enterprise Clarity deployments operate on a Zero Retention architecture. Your pitch decks, financial models, and cap tables are processed in ephemeral compute instances. Once analysis is complete, source documents are purged. No data enters our training corpus.

Policy: Ephemeral processing. No persistent storage of client source documents.

Encryption

All data is encrypted at every stage of the pipeline.

  • At rest: AES-256 encryption
  • In transit: TLS 1.3
  • API access: Token-based authentication with scoped permissions

Infrastructure

askOdin runs on enterprise-grade cloud infrastructure with security and performance guarantees.

  • Compute: Google Cloud Platform (Enterprise Tier)
  • Edge Security: Cloudflare (WAF, DDoS protection, CDN)
  • Deployment: Cloud multi-tenant (emerging managers) or dedicated instance (enterprise funds)

Jurisdiction

askOdin Pte. Ltd. is headquartered in Singapore — a globally recognized financial center governed by English Common Law principles.

  • Legal Framework: Singapore Companies Act, PDPA compliance
  • IP Protection: U.S. Provisional Patent No. 63/948,559 (RUNE Protocol)
  • Data Sovereignty: Processing region configurable per deployment

Compliance Roadmap

Current
  • Zero Data Retention policy
  • AES-256 / TLS 1.3 encryption
  • Google Cloud Enterprise Tier
  • Cloudflare WAF + DDoS protection
  • PDPA (Singapore) compliance
In Progress
  • SOC 2 Type I certification
  • GDPR Data Processing Agreement
  • Penetration testing (third-party)
Planned
  • SOC 2 Type II certification
  • ISO 27001
  • On-premise deployment option

Questions About Security?

We welcome security reviews and are happy to provide detailed technical documentation for your compliance team.

Contact Security Team