AuraOne

Compliance & Security Review

Effective Date: October 9, 2025 | Last Updated: October 9, 2025

AuraOne keeps compliance, security, and regulatory work straightforward. Automated evidence, hardened controls, and full audit trails help teams meet obligations across industries and regions without building the plumbing themselves.

Compliance programs and certifications are owned by customer organizations. AuraOne provides review materials, evidence packaging, and governance patterns to support those programs.

Frameworks and review materials

Security review materials

Available

Controls overview, deployment considerations, and evidence expectations (shared during vendor review).

Privacy & data handling

Available

Data processing, retention expectations, and configurable governance patterns.

GDPR

Supported

Support for GDPR-oriented workflows and data protection requirements (programs remain customer-managed).

HIPAA

On request

HIPAA-oriented workflows and evidence capture; BAA discussions handled during procurement when applicable.

CCPA/CPRA

Supported

Support for privacy requests and data governance requirements (programs remain customer-managed).

EU AI Act

Supported

Evidence packaging patterns to help regulated teams assemble audit-ready documentation.

01. Our Compliance Commitment

AuraOne treats compliance as a shared responsibility. We provide platform-level controls, automated evidence generation, and continuous monitoring.

  • Platform ControlsSecurity features, encryption, and audit logging built-in.
  • Automated EvidenceArtifacts and documentation produced automatically.
  • Continuous MonitoringDashboards and automated alerts (as configured).
  • Expert SupportSupport paths for compliance reviews and evidence requests.

02. GDPR Compliance

Legal Basis & Processing

  • • Data Processing Addendum (DPA) with SCCs
  • • Clear controller/processor roles
  • • Lawful basis identification
  • • Purpose limitation enforced

Rights Support

  • • Automated Subject Access Requests (SAR)
  • • Secure deletion workflows
  • • Self-service data correction
  • • Standardized data portability

EU AI Act Compliance

Automated Technical Documentation

Automated generation of technical files required by Annex IV, including system description, development process, and validation data.

Article 11 Tech DocsArticle 9 Risk Mgmt

Risk & Governance

Comprehensive risk assessment frameworks, data governance documentation (Article 10), and accuracy/robustness metrics (Article 15).

Bias DetectionRobustness Testing

EU AI Act Compliance Pack

One-click generation of conformity assessments and post-market reports.

Request Access →

10. Data Residency

United States

  • US East (VA)
  • US West (OR)
  • US Central (IA)

European Union

  • Frankfurt
  • Ireland
  • Paris

United Kingdom

  • London

Asia Pacific

  • Singapore
  • Tokyo
  • Sydney

Compliance Inquiries

General Compliance

Audit reports & questions

compliance@auraone.ai

Data Protection Officer

GDPR/Privacy

dpo@auraone.ai

HIPAA Compliance

BAA Requests

hipaa@auraone.ai

EU AI Act Support

Regulation help

eu-ai-act@auraone.ai

Shared Responsibility Model

Compliance outcomes depend on configuration. AuraOne provides secure infrastructure and controls, but customers are responsible for their specific model validations, policies, and product-level certifications (e.g., FDA).