Sovereignty in the plural.
Defensible decisions.
AURA equips companies on every continent. Each deployment picks its hosting region, its compliance regime and its governance. EU AI Act, DORA, NIS2, GDPR, Data Act: compliance sits in the foundations, not as an option — and every decision AURA produces remains defensible, six months later, in front of an auditor or a regulator.
Hosting of your choice: European Union, UK, United States, UAE, Singapore, Brazil. Your data stays in the jurisdiction you pick, no transfer. Compatible with SecNumCloud, C5, IRAP depending on region.
High-risk system ready: full lineage, explainable recommendations, traceable human oversight, immutable event log, up-to-date technical documentation.
ICT risk management, operational resilience testing, incident register, critical-vendor oversight — aligned with DORA regulation and NIS2 directive for essential operators.
Minimisation, purpose limitation, documented legal basis, contracted DPA, processing register, portability rights — whichever regime applies (EU, UK, Brazil, California).
Data portability, B2B sharing, IoT obligations and fair contractual clauses — anticipated from architecture, not retrofitted.
Independent annual audit of security, availability, processing integrity, confidentiality and privacy controls. Report shareable under NDA.
Information-security management system, extended to cloud services (27017) and personal-data protection in the cloud (27018).
Per-user, per-scope Row-Level Security partitioning, cryptographically signed immutable audit log, access and decision traceability — by default, on every deployment.
TLS 1.3 in transit, AES-256 at rest, dedicated KMS per client, BYOK (Bring Your Own Key) and HSM support for regulated deployments.