We anchor every audit packet to a public ZK ledger so customers can verify integrity without trusting us. Below you'll find our certifications, subprocessor list, DPA, and the policy frameworks we attest to.
Plurall AI encrypts customer media in transit and discards source files after the scan window. We anchor every audit packet to a ZK ledger so customers can verify integrity without trusting us.
Plurall AI is GDPR Art. 28-aligned and offers a customer DPA on request. We process customer media solely to deliver the contracted scanning service.
Plurall AI publishes its full subprocessor list and notifies customers in advance of any change.
Plurall AI provides a customer-ready DPA that covers GDPR, UK GDPR, CCPA, and equivalent frameworks. Annexes list the categories of personal data processed and the lawful basis.
Plurall AI maintains an annual SOC 2 Type II report covering security, availability, and confidentiality.
Plurall AI is ISO 27001:2022 certified, attesting to the maturity of our information security management system.
Plurall AI is Article-50 ready. Our products help customers comply with transparency obligations for synthetic content.
The TAKE IT DOWN Act enforces from May 19, 2026. Plurall AI ships a compliance pack that includes audit packets, attestations, and the policy templates we use internally.
| Vendor | Purpose | Region | Personal data |
|---|---|---|---|
| Amazon Web Services | Compute, object storage | us-east-1, eu-west-1 | content |
| Cloudflare | Edge routing, DDoS protection | Global | metadata |
| Datadog | Observability and metrics | us-east-1 | metadata |
| PagerDuty | Incident routing | Global | none |
| 1Password | Secrets management | Global | none |
| Stripe | Billing and invoicing | Global | metadata |